Home/ Questions/Q 6042031
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T06:44:42+00:00

I am using a reverse proxy to enable ssl on a custom domain. The

  • 0

I am using a reverse proxy to enable ssl on a custom domain. The proxy works fine on the public pages, however when the user attempts to access a login_required directory the login url shifts them over to my appspot domain after sign-in.

Is there a way to keep users on the custom domain?

Here is my login handler:

class OpenIDLoginHandler(webapp.RequestHandler):
    def get(self):
        domain = self.request.get('domain')
        continue_url = self.request.GET.get('continue')

        if not continue_url:
            continue_url = 'https://my_domain/login_required_directory/'    

        if domain:
            self.redirect(users.create_login_url(dest_url=continue_url,
                _auth_domain=None,federated_identity=domain))
        else:               
            login_url = users.create_login_url(dest_url=continue_url,
                federated_identity='https://www.google.com/accounts/o8/id')         
            self.redirect(login_url)

application = webapp.WSGIApplication(
                     [                                       
                         ('/_ah/login_required', OpenIDLoginHandler)],
                     debug=True)    

def main():
    run_wsgi_app(application)

if __name__ == "__main__":
    main()

I’ve tried overriding the destination url in the users.create_login_url call – the function still returns a login_url with the appspot domain as the ‘continue’ parameter, like this:

https://appspot_domain/_ah/login_redir?claimid=https://www.google.com/accounts/o8/id&continue=https://appspot_domain”

I attempted simply rewriting the returned login_url and replacing the ‘continue’ parameter with my custom domain, but this resulted in a 404 error.

Any thoughts?

Thanks in advance!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’m not sure this is an option for you, but the next release of app engine claims to have support for ssl on custom domains (http://code.google.com/appengine/business/). If your application won’t be in production for a while maybe it would just be easier to wait until they officially add support. They appear to be on a ~3 month release cycle (http://code.google.com/appengine/docs/revision_history.html)

    • 0