In this series of blog entries we describe the development of a mobile chat app using SAP NetWeaver Cloud as a backend. Last time we explained how we implemented push notifications. Now we want to explain how we enabled user authentication for our app.
In the past our web service returned any information you requested; for example, you could access all chat messages as long as you knew the right chat room ID. Of course that should not be possible in our production version, which is why we need authentication, so that users have permission to request only their own chat room messages.
Authentication on NW Cloud
Our solution for authentication for our Twaddle web service
To sum up this paragraph: we implemented an extra servlet whose only function is to provide new users with an authentication token. This servlet is protected using SAML authentication. All the other functions of our web service (accessing chat messages or all users, sending messages) use neither SAML nor HTTP Basic, because the authorization process would take too long. Instead, to consume the general web service functions you need an authorization token, which is unique for every user. Whenever the web service needs to know which user sent a request, it can do a reverse look-up on this token.
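The token scheme summarized above, together with the "only your own chat rooms" check from the introduction, as an added sketch in plain Java (not the Twaddle source). The class, method and room names are hypothetical, and it assumes a 256-bit random token, server-side storage of only the token's SHA-256 hash, and an in-memory store.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration with hypothetical names; not the Twaddle source.
public class TokenRegistry {
    private static final SecureRandom RNG = new SecureRandom();
    // SHA-256(token) -> user id; only hashes are stored server-side.
    private final Map<String, String> userByTokenHash = new ConcurrentHashMap<>();
    private final Map<String, Set<String>> membersByRoom = new ConcurrentHashMap<>();

    // Call only from the SAML-protected servlet, after the user is authenticated.
    public String issue(String userId) {
        userByTokenHash.values().removeIf(userId::equals); // one live token per user
        byte[] raw = new byte[32];                         // 256 bits from a CSPRNG
        RNG.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        userByTokenHash.put(hash(token), userId);
        return token;
    }

    // Reverse look-up used by every other endpoint.
    public Optional<String> resolve(String token) {
        if (token == null || token.isEmpty()) return Optional.empty();
        return Optional.ofNullable(userByTokenHash.get(hash(token)));
    }
    // A valid token is not enough: the resolved user must belong to the room.
    public boolean mayReadRoom(String token, String roomId) {
        Set<String> members = roomId == null ? null : membersByRoom.get(roomId);
        return members != null && resolve(token).map(members::contains).orElse(false);
    }
    public void addMember(String roomId, String userId) {
        membersByRoom.computeIfAbsent(roomId, k -> ConcurrentHashMap.newKeySet()).add(userId);
    }
    private static String hash(String token) {
        try {
            byte[] d = MessageDigest.getInstance("SHA-256").digest(token.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(d);
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }
    public static void main(String[] args) {              // constructed sample data
        TokenRegistry reg = new TokenRegistry();
        reg.addMember("room-1", "alice");
        String t = reg.issue("alice");
        System.out.println(reg.mayReadRoom(t, "room-1"));  // alice's own room
        System.out.println(reg.mayReadRoom(t, "room-2"));  // not a member
        System.out.println(reg.mayReadRoom("guessed", "room-1")); // unknown token
    }
}
```

Because the token is a bearer credential sent on every request, it only protects the user if the general endpoints are reached over TLS and the app stores it in protected storage on the device.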
Our implementation of our approach in iOS
Just to summarize this part: we watch the UIWebView and wait to see which URL it wants to load, then we let the NSURLConnection do the actual loading of the website. So the UIWebView parses the HTML, and the NSURLConnection makes the actual HTTP calls and reacts to authentication challenges.
We hope our explanation of user authentication was useful for you. Unfortunately this will be our last blog post regarding Twaddle for now. We always appreciate your feedback, so please feel free to suggest any ideas for improvement.