Skip to Content
Author's profile photo Ole-Andre Haugen

SAPUI5 Apps with secure and user-friendly logon and updates

This is my first blog on SCN which is somewhat late since I have been working with SAP since 1995. I am the CEO of a company called Neptune Software. My co-founder Njål Stabell has pestered me to become a more active SCN member for a while now so I finally gave in. Here we go.

There are many things that are important if you wish to succeed with a successful mobile implementation, in this blog I will focus on two aspects that are paramount but often forgotten:

  1. Easy and secure access to the backend system
  2. Automatic update of installed apps

I have been directly or indirectly part of over 40 SAP mobile implementations in the last two years. I have seen that one of the greatest barriers for user adoption of SAP apps is the authentication process. Imagine yourself having to enter your e-mail address and password every time you log on to your Facebook or Twitter app. The usage of these services on your phone or tablet will obviously decline drastically. The same is true for enterprise applications. Entering sap username and complex passwords using the keypad on your device is far from user-friendly. Unfortunately, most companies retain this, non-mobile friendly process, when launching their first enterprise apps which results in lower usage and thus reduces the return on investment which was the real reason to mobilize their workforce in the first place.

This was the reason that we introduced a new functionality called AppCache in the latest release of Neptune Application Designer – 2.20. This feature enables you to package your Hybrid SAPUI5 applications with passcode encrypted credentials and also provides you with a way to automatically update applications on the devices from the ABAP backend.

The end user now only has to enter his sap user and password the first time he uses an app on a specific device.


The next step for the user is then to choose a passcode that will AES encrypt the credentials.


Now to log into the app, the user only needs to add his passcode. Also the user can select to lock his app or you can use Phonegap events like onPause to protect access even if the device is stolen.


The setup of this feature is pretty simple. Just copy the standard Neptune_AppCache application and set the following parameters in the AppCacheSetup ScriptCode element in the Neptune Designer:

  • AppCache.StartApp -> this is the launch page or menu page
  • AppCache.PasscodeApp -> you can keep the default but are free to change it if you want more complex encryption
  • AppCache.numPasscode -> a setting for how many attempts is allowed before the local content is wiped
  • AppCache.enablePasscode -> If you do not want this feature (You then have to type username and password every time but still get the updating feature)
  • AppCache.Client -> client number
  • AppCache.Url -> External accessible url for your NW system

Here is a screenshot of how it looks in the designer:


Another useful feature is the ability to have several users on the same device. This is especially relevant where users share devices such as in the warehouse or retail stores.


Regarding updating of hybrid apps that are installed on the end users devices, we know that this has been a challenge for many SAP customers. The use of MDM (Mobile Device Management) and MAM (Mobile Application Management) solutions such as Afaria are a great help but we still see difficulties.

Updating the backend (importing a transport to the productive SAP system) at the same time as you are distributing the updated application and users actually perform the updating of the app is often a cumbersome and new area of software logistics the typical SAP department do not wish to add.

So to smoothen this process we implemented a storage of apps in the AppCache using the local storage. Whenever the user logs on both the version of the app as well as the language is checked. If there is a new version (which is automatically updated when code is activated in the designer) or the user changes his language, the app is automatically updated.

Here is a screenshot of how it looks in the local storage:


We also added a monitor for admin usage, and here is a screenshot from an iPhone of where AppCache is used on our standard HCM template


I hope you got something out of this first blog I created for SCN. And even if you do not use Neptune the general concept should be of interest anyhow.

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member

      Great that you finally got around to blogging on SCN 🙂

      Author's profile photo Fabio Di Micco
      Fabio Di Micco

      Thanks Ole-André for sharing.

      This is a very cool features in the latest release of Neptune Application Designer.


      Author's profile photo Nicolay Wildhagen
      Nicolay Wildhagen

      Excellent blog Ole-André.

      I have been working with the new release and incorporated the AppCache functionality with new and existing client development projects. The new AppCache solution offers great improvements for me as a developer, however most importantly adds even greater value for the customer and end user. Deployment of new features/applications and updates is thanks to the new features no longer a process where I have to deploy a new installation file for the end users. Any new features and updates the client is requesting I can now add on the fly!

      The end users are also very happy to not only get a much nicer looking logon app, however also a logon procedure that is much quicker and more user friendly.

      Great update guys!

      Author's profile photo Former Member
      Former Member

      Great blog post, this new feature is really great and exciting.

      Thanks for sharing 🙂 .

      Author's profile photo Frank Koehntopp
      Frank Koehntopp

      I like that. A lot, actually.

      We need more of these pieces of secure re-usable code to include in apps, so not everyone has to hack that kind of code and most likely does it in an insecure way.

      Will that only be available for Neptune users?

      Author's profile photo Frank Koehntopp
      Frank Koehntopp

      Two recommendations:

      - you may want to host the AES part yourself unless you want to risk others messing with it. If you rely on critical code this is a bad idea.

      - pull it in through https if you want to make sure it actually is what you think it is 😉