Openbravo allows to select a default role to be linked to the new Openbravo users which will be automatically created by Openbravo as they want to log in by using a google account.
Fiels to note:
- Default Role, it is recommended to select the most restrictive role in the client, that means a role which only allows to log in. Later on client administrator can define additional roles for that new user.
- New user active checkbox allows that the new user remains active by default or not.
- Default checkbox allows to pick just one role in case of several roles configured.
The outcome of this process is shown in the image below:
Apache Tomcat configuration
URIEncoding: This specifies the character encoding used to decode the URI bytes, after %xx decoding the URL. If not specified, ISO-8859-1 will be used.
The default encoding for parameters in Apache Tomcat is ISO-8859-1 and that leads to this error:
ERROR org.openid4java.consumer.ConsumerManager - Verification failed for: https://www.google.com/accounts/o8/id?id=SomeToken reason: null ERROR org.openbravo.service.integration.google.GoogleAuthServlet - Error processing return of Google Auth Service:null
The solution is to set the encoding to UTF-8 in your connectors (depending on which one you're using)
<Connector URIEncoding="UTF-8" connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
More information at openid4java forum post