If you can click the Google Sign-In button on the SSL login page but nothing happens, the user is not authenticated, cannot get past the SSL or non-SSL login page, and cannot browse to the Internet.
Step 1 - Check cookies
Google makes use of cookies to authenticate users. If the user's browser is setup to not store cookies, Google authentication will not work. Note that cookies are not shared between browsers, so cookie storage must be enabled for all potential browsers that could be used on the network device.
Step 2 - Check names
If there's a mismatch between:
- The host name of the Smoothwall hosting the SSL or non-SSL login page, and the one entered in the Google Developer's console for the Authorized JavaScript origins and Authorized redirect URI parameters see Where do I get the Client ID and Client Secret from for Google authentication?.
or
- The URL configured for the Authorized JavaScript origins and Authorized redirect URI parameters in the Google Developer's console, and the type of SSL login page used (that is, HTTP configured but SSL login page used, and vice versa).
One or both of these scenarios would leave users' credentials being rejected as they would be seen as coming from an unauthorized source.
Step 3 - Check you are Certified for Smoothwall
You use the SSL login page, and have HTTPS configured for both Authorized JavaScript origins and Authorized redirect URI parameters, but your end-users are getting a certificate error before getting to the SSL login page. If they accept the certificate error, the Google Sign-In button on the SSL login page does nothing.
You must install the HTTPS certificate (downloaded from Services > Authentication > Google > Chromebook settings section) to all network devices used generally speaking you can use something similar to a Group Policy Object (for Active Directory networks) or an Administration Console (for Google networks) to push out the certificate to all devices.
Check if you are inspecting Google
If the HTTPS Do not inspect policy (see Guardian HTTPS Do Not Inspect Policy) has been created for specific groups rather than for Everyone, you may find that users have a MITM warning when pulling in the JavaScript required for the Google Sign-In button. Note that this warning may not be displayed in the browser itself, but instead in the browser's console.