Filtering Both Chromebook and Non-Chromebook Device Users

The solutions provided are described in isolation to each other. It's viable to have a combination of Connect for Chromebooks and SSL / non-SSL login pages for authentication:

If your Connect for Chromebooks solution uses Google verification, do the following to use SSL / non-SSL login pages as well:

  1. On the SERVICES menu, under the Authentication submenu, click Google.
  2. Under the Google settings section, select Google Sign-In button.
  3. Click Save changes.

Connect for Chromebooks uses HTTPS to communicate with Google's OAuth servers. This is suitable for SSL login pages, and you don't need to do any further configuration.

However, if you want to make use of non-SSL login pages (for authentication over HTTP), add the following to the web application you created in the Google API Console, see our knowledge base article, Where do I get the Client ID and Client Secret from for Google Authentication?:

Your web application's Restrictions should resemble:

Connect for Chromebooks solution trusts the users' Google G Suite domain credentials

Do the following to use SSL / non-SSL login pages:

WARNING: Be aware that by turning on Validate user identity, you're changing the behavior of the Connect for Chromebooks extension from trusting to verifying. We recommend that you make your end-users aware of this, especially as they must interact with the client login page as part of their authentication.

  1. To create a Client ID and Client Secret, see our knowledge base article, Where do I get the Client ID and Client Secret from for Google Authentication?.
    1. If you want to use both SSL (for authentication over HTTPS) and non-SSL (for authentication over HTTP) login pages, enter both HTTPS and HTTP versions of the Smoothwall Filter and Firewall hardware appliance's host name in Authorized JavaScript origins and Authorized redirect URIs:
    2. Note: The HTTP version doesn't need the port number.

    3. For just SSL login pages, use the HTTPS version
    4. For just non-SSL login pages, use the HTTP version
  2. On the SERVICES menu, under the Authentication submenu, click Google.
  3. Under the Google settings section, select Google Sign-In button.
  4. Select Validate user identity.
  5. Two new parameters appear. Enter the Client ID and Client secret created in step 1.
  6. Customize the client login page.
  1. Click Save changes.

If you don't have Connect for Chromebooks or SSL or non-SSL login authentication pages setup, we recommend that you configure Connect for Chromebooks using Google verification first, including setting up all additional configuration, then enable SSL or non-SSL login pages. This way, you've all relevant filtering policies in place first to catch any users who might browse while you're still setting up.

Something not right? .