Note : this blog will only show you how to create SUP users and how to authenticate them through the provided LDAP server in the SUP Personal Developer Edition. Read the official documentation carefully if you want to setup security on a production system.
SUP Personal Developer Edition comes with an OpenDS LDAP server. New SUP users will have to be created on this LDAP server using the following procedure :
Launch Apache Directory Studio (C:\Sybase\UnwiredPlatform\Servers\UnwiredServer\apacheds\studio). Create a new connection (LDAP > New Connection…) :
Fill in the required fields, click on Check Network Parameter to check the settings then Next :
Choose the Simple Authentication method, then indicate (default password for the Directory Manager is secret), click on Check Authentication then Finish:
Right click on the supUser entry in the LDAP browser view and select New Entry…:
Select Use existing entry as template then click twice on Next :
Indicate the name of the new user (i.e mysapuser) then click Next :
In the Attributes screen, double click on the userPasswordfield to define a new password :
Note : do not change the Hash Method, the password will be encrypted automatically when the user is created.
Add the new user to the SUP User group by clicking on the group and adding a new value.
There are several options to authenticate users using SUP. In this scenario, we will authenticate the users through the provided OpenDS LDAP server.
If you want the user to enter his/her credentials when the application starts, you just have to add a login screen to your application. You can use the provided template to automatically create one :
You can also create a profile screen to store the user’s credentials. There’s a template for this screen as well, so you only have to drag and drop the Profile screen in the Settings Screens to create one :
Note : the new profile screen will be accessible through the standard BlackBerry options screen :
Instead of using a generic username/password to connect to the SAP backend and execute the BAPIs, you may want to use the user credentials stored in the mobile device application. This can easily be done during the Mobile Business Object creation by mapping 2 predefined personalization keys called usernameand password :
Note : for this to work, the LDAP credentials must be identical to the SAP backend credentials.