9 Replies Latest reply: May 13, 2013 5:58 PM by Shay Shmeltzer-Oracle RSS

    ADF Mobile : Authentication

      Hi All,

      In iOS settings we can configure user name / password.
      And when we open the app it should authenticate with that and directly present to home page. If details are not provided in settings i want the login page to get displayed.
      Please suggest how can we do that?

      Also how will it behave for android?

        • 1. Re: ADF Mobile : Authentication
          John Stegeman
          Did you read (dramatic music plays) [url http://docs.oracle.com/cd/E35521_01/doc.111230/e24475/security.htm]the documentation
          • 2. Re: ADF Mobile : Authentication
            Thanks for your reply.
            Yeah i read that. But ti doesn`t say about Settings in iOS.
            How can i have username password endpoint there for an app ?

            Even the Leave Approval App which oracle is demonstrating in Oracle Tech Days has this feature.

            • 3. Re: ADF Mobile : Authentication
              Arunkumar Ramamoorthy-Oracle

              Always mention your JDev version.

              You don't need a special configuration for iOS. The link provided by John will give you an idea on enabling security and it is same for both Android and iOS.

              • 4. Re: ADF Mobile : Authentication
                I have read adf mobile security given in dev guide many times. But my requirement is little different.

                In iOS settings all the applications are listed and there we can specify application specific properties.
                I want to have user password info there.
                Please suggest how can i put few properties about my application there and how can i read them?

                I want to pass that user pasword in all my webservice call and if the credential is not correct then user will be redirected to a login page.

                Please suggest how can i implement this.

                • 5. Re: ADF Mobile : Authentication
                  I am using jdev
                  • 6. Re: ADF Mobile : Authentication
                    Suggestions plz.
                    • 7. Re: ADF Mobile : Authentication
                      Shay Shmeltzer-Oracle
                      I'm not exactly sure what you are asking for.
                      If you want to store the username and password for a user as a preference of an application then you can use application preferences to do that:

                      However instead of doing it this way, I think a better approach is to use ADF Mobile's built in feature for local authentication - where ADF Mobile handles this for you.
                      From: http://docs.oracle.com/cd/E37975_01/doc.111240/e24475/security.htm#CDDCGAFD

                      local—Select if the application will allow users to authenticate against locally stored credentials on the device. After the user's first successful authentication to a remote server, ADF Mobile persists the credentials locally within a credential store in the device. These credentials are used for subsequent access to the application feature. See also Section 18.4.11, "What You May Need to Know about Web Service Security."
                      • 8. Re: ADF Mobile : Authentication
                        Thanks Shay. That was helpful.

                        As per dev guide:
                        For secured web services, the user credentials are dynamically injected using ADF Mobile uses Oracle Web Services Manager (OWSM) Lite Mobile ADF Application Agent to create and configure proxies, as well as to request services through the proxies. The user credentials are injected into the OWSM enforcement context when proxies are configured.

                        a) Is it possible i can programatically set credentials in the header by getting it from preferences or i can somehow update credential key ?
                        b) Is it possible to inject user credentials with webservice request without creating "regular" web ADF application, secure it, and deploy it on a server?
                        c) Is configuration Services any how related to this?
                        I already have a secured webservice and i don`t want any extra authentication through login page or by creating a new app as login server.
                        I just want pass username/password stored in application level preferences in the header of all my webservices ?

                        Please help.

                        • 9. Re: ADF Mobile : Authentication
                          Shay Shmeltzer-Oracle
                          B - You don't need a regular ADF application on the server - you just need to have a URL that is protected with a basic security on the server - so it will prompt for login process.

                          This will be the recommended way to go as ADF Mobile will just take care of every subsequent request for a service for you.

                          For example on why and how to use the configuration server see: