Geek Answers Handbook

Redirect Loop to log in to your Google account with SSL for a custom domain in Google App Engine

I have an SSL (VIP) setting for a custom domain in the Google App Engine application ( https://www.gqueues.com ).

Everything works fine for most of my users. For users who log into their Google Apps accounts (who use OpenId), there is no problem. Most of the users who log into their Google accounts also have no problems.

HOWEVER, multiple Google Account users receive a redirect cycle error

(ERR_TOO_MANY_REDIRECTS) as shown below when they try to log in.

redirectLoop

This is the code I use to create the login url. It has worked fine for the past 3 years, and the only thing that has changed is that now it is switching to https instead of http:

loginURL = users.create_login_url("https://www.gqueues.com/main")

Login is required on the main page:

 @login_required def get(self):

I cannot reproduce a redirect loop using any of my test accounts or machines. However, one of my users reported that this seems to be a loop between these two addresses:

 https://appengine.google.com/_ah/loginform?state=xxxxxxxxxxx https://www.gqueues.com/_ah/conflogin?state=xxxxxxxxxxxxxx

In some other SO redirect loop posts, people have suggested that some of these auth pages get cached, but I checked and they all use 302 redirect, which is not cached.

Imgur

In addition, users had problems clearing their browser cache and cookies and make sure that they DO NOT block third-party cookies, but none of this helps. The problem occurs in different browsers and operating systems, so I do not think that it relates to a specific setting.

The only thing that works is to get users with a problem to access my application at appspot: https://gqueues-hrd.appspot.com

This, of course, is not quite a solution. The reason I spend thousands of dollars on SSL and VIP certificates on GAE is because everything the user sees is in my own domain (and therefore I use my own certificate, and not some common one from Google) .

Does anyone (especially from the App Engine team) know what is going on? It seems that the problem is that the Google account login code is implemented in App Engine or possibly with a new SSL code for user domains.

Thanks a lot,

Cameron

+4
source share
1 answer

We think that we have identified the problem on the App Engine side, and we are working on a fix. Thanks!

0
source

More articles:


All Articles