on 08-06-2014 2:07 PM
Dear Experts,
We have implemented a cross platform mobile application by using Phonegap. App interacts with SAP gateway & ECC database using oData
services.The services use SAML authentication to authenticate user or to provide access to the requested resource.
Did anybody get a chance to work on SAML authentication from javascript.
Is there any open source component/framework/api which makes SAML authentication easier.
Appreciate your help.
Thanks,
Uday.
Hi Uday,
We have successfully developed the SAPUI5 web application hosted in Netweaver Gateway using SAML authentication. However, when we try to implement the same web application in Android/iOS device using Cordova/Phonegap, we have some problem.
Here is how we implement the SAML authentication:
In the app, we open an Overlay Container with iFrame inside point to a login.html page hosted in Netweaver Gateway server that is SAML protected (see openSAMLLogin below). It will create a SAMLRequest and redirect to SAP ID service which will display a login page, after user enter the valid user/password, it will redirect back to login.html page. Inside the login.html (see source below), it call postMessage with status:“login_ok” to origin (SAPUI5 web app) which hosted in the same Gateway server, when the app receive the status message=”login_ok”, it will close the Overlay Container and update the UI to login state. Everything work fine, when we port the web application to Apache Cordova (aka Phonegap), it give us a SecurityError.
SecurityError: Blocked a frame with origin "https://xxxxxx.sap.com" from accessing a frame with origin "file://". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "file". Protocols must match.
Did anyone encounter similar issue when working on Cordova app? Is there a solution or work around on it?
Any help will be much appreciated?
openSAMLLogin : function() {
//Overlay Container to display SAML Login page
jQuery.sap.includeScript("https://accounts.sap.com/ui/resources/javascripts/SAP_IDS.js", null, function () {
var oLoginContainer = sap.ui.getCore().byId("login_container");
if (!oLoginContainer) {
oLoginContainer = new sap.ui.ux3.OverlayContainer("login_container", {
openButtonVisible : false
});
}
var oHTML = sap.ui.getCore().byId("login_iframe");
if (!oHTML) {
oHTML = new sap.ui.core.HTML("login_iframe", {
sanitizeContent : false
});
}
oLoginContainer.removeAllContent();
oHTML.setContent('<iframe id="IDS_UI_Window" ' +
'src="https://' + util.ODataAccess.getHostName(gHostName) + '/esa_saml/login.html' +
'width=100% height=100% margintop="0" marginleft="0" align="left" frameborder="0" scrolling="no" allowtransparency="true"><p>Your device does not support iframes.</p></iframe>');
oLoginContainer.addContent(oHTML);
oLoginContainer.open();
});
},
login.html
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="cache-control" content="no-cache, no-store" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="expires" content="0" />
<script>
var parentUrl = parent.document.location.protocol + '//' + parent.document.location.host;
parent.postMessage({
"status": "login_ok"
}, parentUrl);
</script>
</head>
<body></body>
</html>
Best Regards,
Kam
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.