OpenEdge Development: Mobile Applications - Product ...
OpenEdge Development: Mobile Applications - Product ...
OpenEdge Development: Mobile Applications - Product ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>OpenEdge</strong> <strong>Mobile</strong> supports the following authentication models:<br />
• Anonymous — No authentication is required. This is the default value.<br />
login( ) method<br />
• HTTP Basic Authentication — The <strong>Mobile</strong> Web application requires a valid user<br />
ID and password, but does not provide a page containing a login form (credentials<br />
are typically entered in a generic login dialog provided by either the <strong>Mobile</strong> App,<br />
the browser, or the native device container in which the App is running).<br />
• HTTP Forms Authentication — The <strong>Mobile</strong> Web application requires a valid user<br />
ID and password and provides a page containing a login form.<br />
For more information on these authentication models and how to configure them for a<br />
<strong>Mobile</strong> Web application, see the sections on Web server authentication models in<br />
Chapter 5, “Deploying <strong>Mobile</strong> <strong>Applications</strong>.” For more information on the interaction<br />
between this method and the Web server, see the sections on managing login session<br />
in Chapter 4, “Creating <strong>Mobile</strong> Apps using JSDOs.”<br />
Caution: You must be sure that security is configured to complete authentication<br />
before the application requests resources in the JSDO catalog. Although it is<br />
possible to configure application security so that the only the <strong>Mobile</strong><br />
resources in the catalog require authentication, Progress Software does not<br />
recommend this approach. Instead, Progress Software recommends that<br />
you require authentication for application resources in addition to those<br />
defined in the catalog, and require that the authentication occur prior to<br />
accessing any resources in the catalog. (Note: This is the purpose of the<br />
login-target parameter, either one you pass to the login( ) method or its<br />
default.) Once the user is authenticated, the Web server provides access to<br />
all other resources, including catalog resources, according to the user's<br />
authorization settings.<br />
Note: Unless the application design guarantees that the user will be prompted by the<br />
Web browser or native device container to provide credentials before a<br />
login( ) call occurs, Progress Software recommends (in some cases<br />
requires) that the <strong>Mobile</strong> App pass the credentials as parameters to the<br />
login( ) method. In addition, you must correctly set the value of the Session<br />
object’s authenticationModel property. Coding the <strong>Mobile</strong> App in this way<br />
ensures that the proper credentials are submitted to the server and promotes<br />
a favorable user experience.<br />
See also: addCatalog( ) method, loginHttpStatus property, loginResult property,<br />
loginTarget property, logout( ) method, serviceURI property,<br />
userName property, authenticationModel property<br />
<strong>OpenEdge</strong> ® <strong>Development</strong>: <strong>Mobile</strong> <strong>Applications</strong> 229