What are the options available to build consumer apps with SAP backend?

Former Member
0 Kudos

SMP being a MEAP, cannot be used to develop consumer apps due to the user license costs.

Netweaver Gateway seems to be a good option. But how can we handle security, scalability and connecting to multiple backends?

Would like to hear from the other community members regarding the available options

Accepted Solutions (1)

rohith_deraje
Advisor
0 Kudos

Hi Hussain,

Gateway is not a mobile application development platform. Gateway is needed to expose your backend data in the form of OData (RESTful services). Of course, you can consume the OData directly from mobile applications without SUP. However, to take care of device administration, monitoring and security, you need to use SUP-ODP along with Gateway.

Regards

Rohith

Former Member
0 Kudos

Thanks Rohith for your response.

My question is more towards "Which platform among SAP's mobility offerings can be used to build Consumer-facing apps?"

Using SUP does not make sense due to the user license costs involved. As an alternative, Netweaver Gateway might be used and the services can be consumed directly on consumer mobile devices using OData. But then is this a secure approach? How can we protect the organization data from unauthorized access? Is there a better alternative?

sujith_prathap
Advisor
0 Kudos

Hi Muzaffar,

The approach that you are talking about has a few points of concern.

User Management:

You could use the gateway to consume the OData services directly, but how would you be able to manage all the users accessing the system? If you have different levels of users (Admins, Grade 1, Grade 2, etc.), how would you be able to manage them all? SUP helps you take care of user management and helps you to focus solely on the development of your app, while the other complexities are managed by SUP.

Security:

If you were trying to access data that is open to all, then your approach of contacting the gateway directly would work. But that is not the case with most of the data associated with companies. There are parts of the data that you would like people not to be able to access. For example: a company's clients. This data can be easily accessed with a few modifications in the URL in the Direct Gateway Scenario.

Scalability:

Scalability is one of the major advantages of using SUP. Let us take the example where you develop an app using the Gateway URL that is directly hard-coded in your app. At a later point in time, you are forced to migrate your data to a different Gateway URL. The direct Gateway approach would then force you to create another app which you would have to force the user to install again. Whereas, using SUP, all you would have to do is change the SUP Application Endpoint and your new Gateway URL would be updated in your app.

Your questions:

Is this a secure approach?

No, this is not a secure approach as allowing free access to all data is a big security threat.

How can we protect the organization data from unauthorized access?

Well, a roundabout approach would be to create separate service documents for different types of users and hard-code user-specific URLs in your apps. But this would be cumbersome in the long run; as organizations scale, app scalability would become a problem.

Is there a better Alternative?

Like Annette says, you could use Syclo. But the future road map for Syclo has not yet been clearly laid out. Hence, currently I do not think that there is a better alternative. SAP supports SUP. So why go for anything else?
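
The URL-modification concern raised in the post above, shown as an added example that is not part of the original thread: a server that authorizes each request against the authenticated caller returns nothing extra when the key in the URL is changed. The `/odata/Orders` path, the users and the data are all constructed for illustration and are not SAP Gateway's API.

```python
import re

# Constructed sample data: each order belongs to one customer.
ORDERS = {
    "5001": {"customer": "C100", "total": 120.0},
    "5002": {"customer": "C200", "total": 75.5},
}

# Constructed principals: what the server knows about each authenticated caller.
PRINCIPALS = {
    "alice": {"role": "consumer", "customer": "C100"},
    "bob": {"role": "consumer", "customer": "C200"},
    "ops": {"role": "admin", "customer": None},
}

# Hypothetical OData-style addressing: /odata/Orders or /odata/Orders('5001')
ENTITY = re.compile(r"/odata/Orders\('(\d+)'\)")


def may_read(principal, order):
    """Ownership check bound to the authenticated caller, not to the URL."""
    return principal["role"] == "admin" or order["customer"] == principal["customer"]


def handle_request(user, path):
    """Return (status, body) for a read request from an authenticated user."""
    principal = PRINCIPALS.get(user)
    if principal is None:
        return 401, None
    if path == "/odata/Orders":
        # Collection read: filter server-side instead of trusting a client filter.
        return 200, sorted(k for k, o in ORDERS.items() if may_read(principal, o))
    match = ENTITY.fullmatch(path)
    order = ORDERS.get(match.group(1)) if match else None
    # Same status for "missing" and "not yours", so keys cannot be
    # enumerated by comparing response codes.
    if order is None or not may_read(principal, order):
        return 404, None
    return 200, order


if __name__ == "__main__":
    print(handle_request("alice", "/odata/Orders('5001')"))  # own order
    print(handle_request("alice", "/odata/Orders('5002')"))  # key changed in URL
    print(handle_request("alice", "/odata/Orders"))          # filtered collection
```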

Former Member
0 Kudos

Thanks Sujith for a detailed clarification.

I am in agreement with your suggestions. Now my only concern is user management in case of apps used by consumers. The issue is that any consumer who wants to use the app, has to be first on-boarded on Runtime Server. This may not be practical as they are non-enterprise users and so we are not interested in managing their devices.

Is it possible to avoid the SMP user license cost for every user who uses the app while providing access to SAP backend via SMP?

sujith_prathap
Advisor
0 Kudos

Looking at your requirements, it looks like you need user management without device management.

This is an interesting question.

Unfortunately, user management in the SAP context is done only by using SUP.

The SUP Approach:

From the SUP point of view, what I would suggest to you would be to host the server yourself and then mail the usernames and passwords to the users that want to use the system. This way you can control the user management and also have accountability.

The Non-SUP Approach:

The only alternative that I can think of is to contact the gateway as you suggested, but opting for such an approach, personally, I do not think that is a very secure way to work. What you could try to do is create separate users for the different users on the gateway and then perform validation for the users on the gateway. This approach has many pitfalls, like scalability, accountability and security. I personally would not recommend this approach to anyone.

Former Member
0 Kudos

Thanks once again Sujith. Yes, from scalability, accountability and security perspective, the Netweaver Gateway without SUP is not a robust solution.

I think I finally found what I was looking for in SUP 2.2, the latest release. Pasting an excerpt from the SCC documentation for SUP 2.2:

Anonymous Access Security Configuration

Allow unauthenticated users access to application data, for example, applications that allow users to browse a read-only product catalog without logging in by assigning the anonymous security configuration to the application.

The anonymous security configuration:

• Is a preconfigured user name/password login module that accepts the user name "anonymous" and the password "anonymous". User name is not case sensitive, but password is.


• Cannot be modified.

• Can be enabled when manually creating an application with anonymous access or when setting anonymous access for an existing application by creating an application connection template for it that uses the anonymous security configuration.

So this resolves my problem of user access in consumer apps. (hopefully!)

Answers (1)

Former Member
0 Kudos

Check out Syclo Agentry to see what B2C capabilities are available outside of SUP for now. See http://sap.syclo.com.

Cheers,

Annette

Former Member
0 Kudos

Thanks Annette, but I really could not find any possibilities on Syclo for B2C. Can you give me some specific directions?