Chapter 16: Securing a Web Application Using Google Accounts, OpenID, and OAuth
This chapter presents Google’s APIs for authenticating users and authorizing access by third parties. It starts by explaining Google Accounts API then discusses the use of OpenID for external identity providers. The OAuth API, which allows your application to securely expose data to third-party applications, is demonstrated next. This chapter ends with a brief discussion of general security concerns specific to the App Engine.
Authenticating Users with Google Accounts
In most web applications, you want to be able to store data for your users. You also want to be sure that users cannot read or modify each other’s data. Even when users’ data is of a public nature, you ...
Get Essential App Engine: Building High-Performance Java Apps with Google App Engine now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
