SAPUI5 Apps with secure and user-friendly logon and updates
This is my first blog on SCN which is somewhat late since I have been working with SAP since 1995. I am the CEO of a company called Neptune Software. My co-founder Njål Stabell has pestered me to become a more active SCN member for a while now so I finally gave in. Here we go.
There are many things that are important if you wish to succeed with a successful mobile implementation, in this blog I will focus on two aspects that are paramount but often forgotten:
- Easy and secure access to the backend system
- Automatic update of installed apps
I have been directly or indirectly part of over 40 SAP mobile implementations in the last two years. I have seen that one of the greatest barriers for user adoption of SAP apps is the authentication process. Imagine yourself having to enter your e-mail address and password every time you log on to your Facebook or Twitter app. The usage of these services on your phone or tablet will obviously decline drastically. The same is true for enterprise applications. Entering sap username and complex passwords using the keypad on your device is far from user-friendly. Unfortunately, most companies retain this, non-mobile friendly process, when launching their first enterprise apps which results in lower usage and thus reduces the return on investment which was the real reason to mobilize their workforce in the first place.
This was the reason that we introduced a new functionality called AppCache in the latest release of Neptune Application Designer – 2.20. This feature enables you to package your Hybrid SAPUI5 applications with passcode encrypted credentials and also provides you with a way to automatically update applications on the devices from the ABAP backend.
The end user now only has to enter his sap user and password the first time he uses an app on a specific device.
The next step for the user is then to choose a passcode that will AES encrypt the credentials.
Now to log into the app, the user only needs to add his passcode. Also the user can select to lock his app or you can use Phonegap events like onPause to protect access even if the device is stolen.
The setup of this feature is pretty simple. Just copy the standard Neptune_AppCache application and set the following parameters in the AppCacheSetup ScriptCode element in the Neptune Designer:
- AppCache.StartApp -> this is the launch page or menu page
- AppCache.PasscodeApp -> you can keep the default but are free to change it if you want more complex encryption
- AppCache.numPasscode -> a setting for how many attempts is allowed before the local content is wiped
- AppCache.enablePasscode -> If you do not want this feature (You then have to type username and password every time but still get the updating feature)
- AppCache.Client -> client number
- AppCache.Url -> External accessible url for your NW system
Here is a screenshot of how it looks in the designer:
Another useful feature is the ability to have several users on the same device. This is especially relevant where users share devices such as in the warehouse or retail stores.
Regarding updating of hybrid apps that are installed on the end users devices, we know that this has been a challenge for many SAP customers. The use of MDM (Mobile Device Management) and MAM (Mobile Application Management) solutions such as Afaria are a great help but we still see difficulties.
Updating the backend (importing a transport to the productive SAP system) at the same time as you are distributing the updated application and users actually perform the updating of the app is often a cumbersome and new area of software logistics the typical SAP department do not wish to add.
So to smoothen this process we implemented a storage of apps in the AppCache using the local storage. Whenever the user logs on both the version of the app as well as the language is checked. If there is a new version (which is automatically updated when code is activated in the designer) or the user changes his language, the app is automatically updated.
Here is a screenshot of how it looks in the local storage:
We also added a monitor for admin usage, and here is a screenshot from an iPhone of where AppCache is used on our standard HCM template
I hope you got something out of this first blog I created for SCN. And even if you do not use Neptune the general concept should be of interest anyhow.