/wp-content/uploads/2014/09/05_538556.png

Hi everyone.

Onboarding. User on-boarding is the process of registering a user and giving them appropriate access to data and applications. SMP offers the proven onboarding scheme together with the API.

OData SDK bundles the Mobile Application Framework(MAF) UI. With the MAF UI, you can use the out-of-the-box onboarding features with very minimal development effort.

/wp-content/uploads/2014/09/maf01_538557.png/wp-content/uploads/2014/09/maf02_538558.png

Let’s have a look at the typical onboarding implementation with MAF UI.

01  MAFLogonUIViewManager *logonUIViewManager = [[MAFLogonUIViewManager alloc] init];
02  [logonUIViewManager.logonManager setApplicationId:appID];
03  [logonUIViewManager.logonManager setLogonDelegate:self];
04  [logonUIViewManager.logonManager logon]; // Shows MAF UI

The appID in #02 is the application id, which is configured in the SMP server. #03 is for the delegate named MAFLogonNGDelegate. #04 renders the MAF UI for end user. Once the end user entered all the onboarding info (SMP server name, credentials, etc.), the logonFinishedWithError: method is called back – this method is defined in the MAFLogonNGDelegate. Once the method is called back, make sure we configure the HttpConversationManager in the logonFishedWithError:.

01  -(void) logonFinishedWithError:(NSError*)anError
02  {
03    ...
04    HttpConversationManager *httpConvManager = [[HttpConversationManager alloc] init];
05    [[logonUIViewManager.logonManager logonConfigurator] configureManager:httpConvManager];
06    // onboarding completed
07  }

Remember the HttpConversationManager in the blog#02? Once completing the steps above, we can happily use the HttpConversationManager instance to create the ODataStore instance.


One remark is the logonUIViewManager needs the topmost ViewController so it can display the logon screens as modal screens on top of it. This code demonstrates how to set the current ViewController as the parentViewController of the logonUIViewManager.


Note: You have to make sure the parentViewController is set before the logon method gets called.

01  - (void)viewWillAppear:(BOOL)animated
02  {
03        ..
04    logonUIViewManager.parentViewController = self;
05        ..
06  }

Once the onboarding is completed, we can access the user specific onboarding data. This code fetches the OData application endpoint URL that routes the SMP server as a content proxy.

01  MAFLogonRegistrationData *regData = [logonUIViewManager.logonManager registrationDataWithError:&error];
02  NSString *endpointUrl = regData.applicationEndpointURL;

That’s all for the onboarding step with MAF UI. Without onboarding, you can’t obtain the ODataStore instance, so it is a must knowledge for you.


Next one is offline API 🙂



See you in the next blog,

Ken


List of blogs

To report this post you need to login first.

15 Comments

You must be Logged on to comment or reply to a post.

  1. Sao Vu

    Hi Ken.

    Thanks you for your blog. I am following your blog: “How to enable user onboarding using MAF and OData SDK SMP3 SP5”. Unfortunately, when i add libraries of MAF from my folder: “..\SAP\MobileSDK3\NativeSDK” to my app, i meet LINKER ERROR problem. I describe it in this thread

    Getting linker error with Native iOS App using MAFLogon library

    I cannot understand why i meet that error? Can you help me to resolve this problem?

    Thanks and Regards,

    Sao Vu.

    (0) 
      1. Sao Vu

        //Updated

        Hi Ken,

        I removed some library file so it does not works, stupid action 🙂 .

        Thanks for your helping, it is the solution for my problem.

        Thanks and Regards,

        Sao Vu.

        (0) 
  2. Sao Vu

    Hi Kenichi,

    When i try to run your app ( at your blog How to..), the start Screen with button “Logon” and “Try out” appear. When i click on “Logon” button, my app suddenly crash. It doesnt not appear the detail Screen to config information about backend, server, port,… And when i rerun app, it suddenly crash without display the first start Screen.

    When i look at your sample code, i cannot find the 04 command: [logonUIViewManager.logonManager logon]; // Shows MAF UI

    I just see 01,02 and 03 command

    So, how can i configure the detail information to run the app?

    (0) 
    1. Kenichi Unnai Post author

      Most likely your Xcode project has the default behavior of MobilePlace = true. This causes the crash if you don’t use the mobile place feature (only available at HCPms right now).


      Please have a closer look at the doc here: http://scn.sap.com/docs/DOC-60128

      And Caution (1) and (2) section around the end of the doc explains how to fix it.

      (0) 
      1. Sao Vu

        Hi Kenichi,

        How to configure the backend and information to connect to SMP 3.0 SP 05 server ?

        I try

        – Server = smp 3.0 server ip

        – user name and password= admin user ( for sure connect)

        – and port = 8083 ( because sp 05 use https connection)

        – App Id = com.FPT.BookDB

        Screen Shot 2015-04-01 at 3.29.04 PM.png

        This is my server detail

        Screen Shot 2015-04-01 at 3.29.24 PM.png

        It cannot register my app to server. Did i wrong config?

        When i check the xCode log: Cannot find keyplane that supports type 4 for keyboard iPhone-Portrait-NumberPad

        Thanks and Regards,

        Sao Vu.

        (0) 
        1. Kenichi Unnai Post author

          Yup you’re typing wrong values. You’re not onboarding SMP admin console via MAF UI.

          Default port # without SSL should be 8080, while the SSL should be 443. You don’t supply the admin account – it is something you configure through the application connection’s security setting. Your app consume the OData backend and you need to supply credentials for it if it is basic authentication. They are the credentials you need to supply in MAF screen.

          (0) 
          1. Sao Vu

            Hi Kenichi,

            Thanks for your comment.

            I changed:

            – server = smp server ip

            – Account = admin account . Because i use system admin logon for Security that i provide for app.

            – Secured Channel ( yes) because connect to HTTPS server backend

            – Port = 443

            – Security Configure: = BookSec.

            Did i wrong at some thing ???

            And how can i supply credentials of OData backend to MAF Screen??

            //this is information about security and its connection/wp-content/uploads/2015/04/1_675861.png

            /wp-content/uploads/2015/04/2_675862.png

            (0) 
            1. Kenichi Unnai Post author

              Okie I think you got confused (I’m confused too..)

              >And how can i supply credentials of OData backend to MAF Screen??


              The credentials you supply in MAF UI is the ones for Security setting in App config. so typically the OData endpoint should challenge the end user for the credentials by means of Basic authentication or … things like X.509 (considered most secure)


              So if you just want to get onboard, you could configure the app so that it doesn’t require any authentication (I haven’t done it though) and just supply whatever userid & passoword, it should simply ignore your credentials and gets onboard (this is in theory)



              (0) 
  3. Hossam Abdelazeem

    Hi Kenichi Unnai

    I have a question regarding onboarding.

    I have a use case and I don’t know how I can implement this with OfflineStore.

    I need the user when login 1st time to open offline store and download data then If he/she closed the application and open it again I don’t want to let the user have access to the app, I need the user to enter a passcode to open the application again without re-downloading the offline store again, I know this is exactly the case when you use the out-of-the-box pass code, but I’m not using MAF UI, I’m implementing my own login user interface.. (1) How can I do this using MAF Core? And if it is not supported out of the box, (2) can I use the secure vault to save the passcode?

    Another question, (3)Can I set an session expiration time, for example, if the user closed the app and open it immediately the application will open without pass code, if the user close it for let say 5 min, then if he tried to open app again he should enter pass code .. Can this be implemented using MAF core or I have to handle this by myself?

    Thanks,

    Hossam

    (0) 
    1. Kenichi Unnai Post author

      Those are interesting questions. I assume you have this H2G?

      1> You can unlock the store by the method “unlockSecureStore:“, I guess you already know it in the H2G code. The store will be opened until the stop of the application or release of the LogonCore instance. The store will not be gone unless you drop it.

      The sample code uses the hardcoded value “abcd1234” for the sake of the simplicity – you might want to build your UI to ask end user to enter it by themselves (depends on your security requirement)

      One remark is the value needs to fulfill the “Client Password Policy” setting, which you can configure in the Admin console (CLIENT POLICY).

      2> I believe the answer above covers your question.

      3> Generally you need to call the unlockSecureStore method if your app stops. If you want that behavior, you would need to come up with your custom logic which checks if the end user needs to enter the passcode or just let them in with the passcode they supplied, which was defined during “persistRegistration:” method internally.

      (0) 
  4. Julien NICCO

    Hi Kenichi,

    I use the onboarding with SAML Authentication and I search to find the username after registration.

    But when I try to use :

    MAFLogonRegistrationData *regData = [logonUIViewManager.logonManager registrationDataWithError:&error];

    regData.backendUserName is empty.

    Do you know how to retrieve the username of user that comes to register with SAML?

    Regards.

    (0) 
    1. Kenichi Unnai Post author

      Have a look at the API doc for this – it is a part of the SDK installation. There’s HttpConvAuthFlows-APIDoc.zip file and unpack it. Here’s the excerpt:

      (SAML2ConfigProviderProtocol of HttpConvAuthFlows)

      – (void) provideSAML2ConfigurationForURL: (NSURL *) url

                    completionBlock: (NSString *) responseHeader

                                                (NSString *) finishEndPoint

                                                (NSString *finishParameters) completionBlock

      Called when SAML2 authentication is needed for request execution.

      Parameters:

      url : url which secured with SAML

      completionBlock  : call the completionBlock when provider finishes its tasks. All the parameters are mandatory.

      …here’s some more idea:

      • identify the HTTP header key sent by the platform to tag a SAML response
      • Specify the endpoint path where the redirect will happen upon a successful SAML authentication
      • Specify the URL parameter that will be set when the redirect happens
      (0) 

Leave a Reply