[webapp-container] Google Apps For Business support when using an external SSO provider
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
webbrowser-app |
Fix Released
|
High
|
Alberto Mardegan | |||
webbrowser-app (Ubuntu) | ||||||
Trusty |
Fix Released
|
High
|
Unassigned |
Bug Description
[Impact]
When using an SSD provider and Google Apps For Business, the URL containment prevents the login sequence to succeed. The navigation is redirected to an external browser and the user can never log in from within the webapp itself.
[Testcase]
- Open the Gmail webapp (look for Gmail in the Dash, then click on the application launcher)
- At the Google login prompt, authenticate with your Google Apps for Businness acccount: <email address hidden>
Expected result:
- You authenticate successfully and can access Gmail
Actual result:
- As soon as you validate your login, you are redirected to the default browser where the transaction finishes, and are then logged to Gmail, from within your browser; not inside the webapp itself
[Regression potential]
None, the issue itself is a regression compared to the previous releases where the browser was used as the webapp container and was sharing credentials in a way sufficient to allow a successful authentication with Google Apps for Business.
Related branches
- PS Jenkins bot: Needs Fixing (continuous-integration)
- Alexandre Abreu (community): Approve
-
Diff: 29 lines (+19/-0)1 file modifiedsrc/app/webcontainer/WebViewImplOxide.qml (+19/-0)
Changed in webbrowser-app: | |
importance: | Undecided → High |
status: | New → Confirmed |
tags: | added: webapps-hotlist |
Changed in webbrowser-app (Ubuntu Trusty): | |
importance: | Undecided → High |
status: | New → Fix Committed |
Changed in webbrowser-app: | |
status: | Confirmed → Fix Committed |
Changed in webbrowser-app (Ubuntu Trusty): | |
milestone: | none → trusty-updates |
Changed in webbrowser-app: | |
status: | Fix Committed → Fix Released |
We have released a solution for that particular case.
All Google Apps webapps have been patched to support their "Business" version almost transparently, except when using an external SSO provider.
In that case, users need to manually add the URL of that specific SSO provider to a configuration file, to authorize it within the webapp-container
For example, to authorize Gmail to verify your password using login.mycompany .com, you need to create the file ~/.local/ share/Gmailmail googlecom/ extra-url- patterns. conf: /login. mycompany. com/*
[Extra Patterns]
Patterns=https:/
On the phone, the name of the file is: ~/.local/ share/com. ubuntu. developer. webapps. webapp- gmail/extra- url-patterns. conf