on 04-22-2014 12:35 PM
Hello,
I have developed a Mobile App using SAP UI 5 framework, HTML, JavaScript and Apache Cordova / PhoneGap.
The app is completed, but I am still stuck with the Login Authentication task. The code which I have written, pertains to OData Service based BASIC Authentication using Username and Password(which the user enters through the app's UI). The code works fine for Valid Login credentials, but doesn't work at all, when the user enters Invalid credentials.
I came to know that instead of using BASIC Authentication (with Username and Password), either of SSO / SSL / X.509 or SAML based Authentication mechanisms needs to be used for SAP UI5 mobile app.
I Researched and found some links which speak about SSO Authentication but are either for Java EE or Microsoft .Net applications(and they are irrelevant in my context).
I am looking for code, which is in JavaScript, as I my entire app is HTML, JavaScript with SAP UI5 framework and I have also used Apache Cordova/PhoneGap to transform my HTML and related project files into an iOS app( and later will be morphed into an Android app as well).
It would be of great help, if I could get any sort of help, either in the form of sample code or some leads.
PLEASE NOTE ->
Thanks and Regards,
Suraj Kumar Y Midgay
Hi Suraj!
In order to get your app up and running with the X.509 certs have a look at this wonderful OpenSSL implementation in JavaScript: https://github.com/digitalbazaar/forge#x509
Assuming you have an Apache or equivalent webserver handling the authentication process you do need to configure it properly.
Here are two really helpful tutorials how to do it in Apache:
Depending on the client certificate creation process (either generating locally via forge or deploying it to the user) you need to use the forge.http or forge.tls request methods in order to use the TLS implementation correctly.
HTTP:
var request = forge.http.createRequest({method: 'GET', path: url.path});
or
TLS:
varclient=forge.tls.createConnection(...);
Between that you can either use the oData auth or configure the server accordingly to accept the x.509 certs and pass it to the SSO service.
Happy Coding!
Peter
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Peter,
I appreciate your effort and Thank you for providing the info and the links.
I have gone through them. It might be really helpful for me when I would work on a requirement with Apache Server.
For now, I am looking for X.509 / SSO or OData BASIC Authentication on SAP Netweaver Gateway Backend.
Currently, Apache Server is not in my project scope or landscape. I am just using Apache Cordova/PhoneGap, which is a tool to simply create an iOS, Android, Blackberry app template, which will house the HTML, JavaScript and other SAP UI5 related framework files, etc.
I am really thankful to you, for coming forward and share the info.
Thanks and Regards,
Suraj Kumar Y. Midgay
Hi Suraj,
ok, I guessed you have the secure configuration with proxy and auth described here: Web Application Scenario.
Basic OData auth can be done with this sample code:
var sServiceUrl = 'https://host/SERVICE';
var sUser = 'username';
var sPassword = 'password';
var oModel = new sap.ui.model.odata.ODataModel(url, true, username, password);
For more, please have a look at the according API Reference for oModel.
Hope this helps for your request?
Happy coding!
Peter
Hello Peter,
I have alreadt tried a similar piece of code earlier and the code snippet shared by you.
But I could not get the expected result out of it. Moreover, I believe the the Username and Password, can not be transmitted in plain text format. Hence I even tried modifying the above code snippet by adding "authorization" tag and encrypting the credentials. And this too was of no effect.
To understand my issue more clearly, please refer one of my posts
Thank you for the code snippet and the links.
Thanks & Regards,
Suraj Kumar
Hi,
I have a few hints/suggestions.
Thanks
Tim
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Tim,
Thanks for your prompt and kind response.
As this is my first app in SAP, I am not much aware of the best mechanism to be used for the Authentication.
I was told by someone that SSO is a better way for authentication and is much better than asking the user to enter the login credentials.
Requesting you to through some light on this and guide me in further aspects of authentication approach with the pre-requisites and necessary Set-Up.
I would be grateful towards your valuable co-operation.
Thanks and Regards,
Suraj Kumar
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.