Ibm xamarin gtruty
-
Upload
rfavali -
Category
Technology
-
view
506 -
download
0
description
Transcript of Ibm xamarin gtruty
Introducing IBM Worklight
With the Worklight SDK for Xamarin developers Enterprise grade security,
integration and app management following features of Worklight
Security and Trust• Single sign-on mechanism• SSL encryption• Multi-factor authentication• Secured offline access• On device encryption of user data
Enterprise Integration• Direct access to back-end systems• Leverage existing SOA services• Server-side caching• Unified push and SMS notifications
Application Management• App distribution • App Version management• Remote disabling apps• Push Notification service management• Analytics and Usage report• Log collection for problem
determination
IBM Worklight goes beyond mobile app UI creation to deliver mobile optimized, standards-based, middleware and tools
for enterprise-grade mobile applications and services creation
“Best Enterprise Mobility Application Development Platform" by Compass Intelligence for 2014 Mobility Awards
Worklight CLI & StudioLeading tools for native and hybrid development that maximize code reuse, accelerate development, and promote team work
Operational Console UI for app deployment, management, and version enforcement, real-time operational analytics, push notifications
Worklight App CenterA non-MDM, cross-platform, private mobile app store tailored to the needs of development team or as an enterprise store
IBM Worklight – Main Components
App Runtime Client APIs available for native, hybrid, and web apps
Worklight Server Gateway for mobile user engagement, security, analytics, and application control
Run TimeDevelopment
The IBM Worklight SDK for Xamarin
Develop Rich Native applications in C# with
Xamarin Studio
Security
Authentication
Integration
Notifications
App Management
Analytics
Xamarin Studio
Integrated Services
Create rich native applications in C# in Xamarin Studio leveraging enterprise grade app services that speed
development and enhance app capabilities and performance
Speed development Add rich app services
Speed integration Ease troubleshootingSpeed integration
Leverage robust security and authentication
Get control of your applications
What does this do for mobile application developers?
and More
IBM Bluemix A rich set of mobile ready APIs that you can mix and match to power your App
Run CodeThe developer can chose from multiple language runtimes or bring their own. Just upload your code and go.
Store DataThe developer can store data in the cloud as a service easily without needing to administer the databases.
Cloud IntegrationBuild hybrid environments. Connect to on-premises systems of record plus other public and private clouds. Expose your own APIs to your developers.
Built on IBM SoftLayerRuns on top of IBM’s leading infrastructure as a service.
A catalog of developer friendly APIs (IBM & third party) with mobile SDKs, that can be composed into new and existing mobile apps. Configure and manage through the BlueMix portal.
API Catalog
Big Data &AnalyticsCategories Data
Inte-gration
WebMobile
Enterprise Integration
Worklight Mobile Server
Firewall
Existing Integration Hub
backend integration
HTTP(S)
DatabaseWebServi
ce RESTJMSMQFileFTPSAP
Siebel:
JDBC Web Service
JMSJSONXamarin
Studio
C# App built with Xamarin Studio
Worklight server provides a single secure point of integration into the Enterprise that speedsintegration and enables management of mobile solutions
En
terp
riseA
pp
licatio
ns
IBM MobileFirst
SDK
Bring Your Own Tools!
Developers have the flexibility to use the development tools of their choice• Worklight Studio• Command Line Interface (CLI) is provided to enable the use of other development tools
The CLI provides the following capabilities:• Add Worklight SDKs to a native project• Create Worklight hybrid projects• Add environments to a Worklight hybrid project• Create Worklight Adapters• Test Worklight Adapters• Deploy Worklight applications and adapters to the Worklight Server• Start and stop the Worklight Server• Launch the Worklight administrative console
Worklight SDK for Xamarin – Developer Workflow
9
• Create Worklight server side artifacts and deploy using Command Line Interface
• Install IBM Worklight component in Xamarin studio
• Use Worklight APIs in your application• Extensive libraries and client APIs that
expose and interface with native device functionality
• Build Apps
• Deploy/Manage/Monitor Apps
Add the IBM MobileFirst SDK Component
Interact with IBM Worklight via the Xamarin IDE
Worklight CLI and JDK configuration
$ wl create XTest
$ wl add api XTestiOS –environment ios
$ wl build
$ wl start
$ wl deploy
Create a Worklight application (to manage the application)
Worklight Server: Adapters
Worklight Server
SQL / JDBC
ESB
SOAP / HTTP
JMS
CAST IRON
REST
Java Extension
Node*
For the server developer• JS anywhere: Simple APIs for server-side JavaScript
development• Extensibility: Java API for custom adapters
For the client developer• Easy-to-use, consistent client-side API to call any back-end
system
Enterprise back-ends and cloud services
Run time• Lightweight server-side logic to expose data in a mobile-friendly
way• Automatic JSON transformation of enterprise data for quick transport
and ease of consumption by mobile developer• Server-side service composition to reduce requests over slow mobile
network• XSLT to reduce fat SOAP responses
• Security• Automatic enablement of server-side authentication control and audit
• Analytics• Automatic collection of user actions and device and app properties
• Mobile user engagement• Push notifications
public async Task<String> InvokeTransferFunds(string acctFrom, string acctTo, string amount{ WorklightProcedureInvocationData invocationData =
new WorklightProcedureInvocationData("HttpMyBankAdapter",
"getTransferFunds",
new object[] {acctFrom, acctTo, amount}); WorklightResponse task = await client.InvokeProcedure(invocationData); if (task.Success) {
: }}
Invoke an Adapter method from Xamarin
function getTransferFunds (acctFrom, acctTo, amount) { :
if ((1*amount) > 0) {users[index].accts[f].balance = users[index].accts[f].balance - amount;users[index].accts[t].balance = (1*users[index].accts[t].balance) +
(1*amount);result = true;
}:
path = getPath(interest);var input = { method : 'get', returnedContentType : 'xml', path : path};return WL.Server.invokeHttp(input);
}
Implement Adapter methods to driver enterprise integration and implement common server side logic
Modify Adapter configuration
<displayName>MyBankAdapter</displayName><description>MyBankAdapter</description><connectivity>
<connectionPolicy xsi:type="http:HTTPConnectionPolicyType"><protocol>http</protocol><domain>rss.cnn.com</domain><port>80</port>
</connectionPolicy><loadConstraints maxConcurrentConnectionsPerNode="2" />
</connectivity><procedure name="getDriveLogin"/><procedure name="getAccounts"/><procedure name="getTransactions"/><procedure name="getTransferFunds"/>
$ wl add adapter MyBankAdapter –-type http
$ subl adapters/MyBankAdapter/MyBankAdapter-impl.js
$ wl build
$ wl deploy
Create and implement desired adapter procedures
Invoke the Adapter interactively
laptop:XTest gregtruty$] Which adapter do you want to use? (Use arrow keys) HTTP HttpMyBankAdapter ❯ MyBankAdapter SQLMyBankAdapter
[?] Which procedure do you want to invoke? (Use arrow keys) getDriveLogin ❯ getAccounts getTransactions getTransferFunds
[?] Enter the comma-separated parameters: Invoking MyBankAdapter:getAccounts...
Arguments:[ "Greg” ]
Invocation result:{ "isSuccessful": true, "accts": [ { "balance": 8247.22, "number": "182729382", "type": "Savings” }, { "balance": 1452.23, "number": "582729382", "type": "Checking” } ]}
wl invoke “Greg”
Invoke the Adapter directly
laptop:XTest gregtruty$ wl invoke MyBankAdapter:getAccounts '"Greg"'{ "isSuccessful": true, "accts": [ { "balance": 8247.22, "number": "182729382", "type": "Savings" }, { "balance": 1452.23, "number": "582729382", "type": "Checking" }]}
Automatic adapter generation for SOAP and SAP NetWeaver
• Speed-up creation of mobile apps which interact with Enterprise back-end system of records
• Reduce the amount to coding to zero or near-zero for invoking SOAP based web services and services from the SAP NetWeaver Gateway
• Consume these services via the generated adapter from your web, hybrid, or native app
Unified Push Notifications
Register for, notify, and receive a notification via Worklight APIs
Back-end SystemBack-end System
Back-end SystemBack-end System
Polling Adapters
Message-based Adapters
Unified Push API
Notification State Database
User-Device Database
iOS Dispatcher
Android Dispatcher
Windows Phone Dispatcher
SMS Dispatcher
Apple Push Servers (APN)
Google Push Servers (GCM)
Microsoft Push Servers
SMS/MMS Brokers
Administrative ConsoleNotification statistics, SMS subscription control
Worklight Client-side Push Services
iOSPush API
Android Push API
WindowsPush API
Broker API
Worklight Client-side Push Services
Worklight Client-side Push Services
Optional 2-way SMS
Recent Push notification enhancements in Worklight Foundation
Group notifications based on tagsNotifications are targeted to only a select set of users based on their topics of interestTags allow message producers / senders to segment devices One or more tags can exist per applicationDefined in application-descriptor.xml – created during deployment
Broadcast, unicast and narrowcast notificationsAPIs available to send a notification to all the devices that installed the applicationAlso provides for an option to opt out of receiving broadcast notificationsEnhanced APIs to send a notification to specific user or device that installed the applicationSupport for a notification targeted to devices of a particular platform that installed the application
Server side REST APIs for device and subscription management Improved scalability of the push infrastructure to handle large volumes of push
messages
Application Security
Security
Application Security
Protecting data on the device
Authentication integration framework
Authentication integration framework
Data protection
realms
Data protection
realms
Using device id as 2nd factorUsing device
id as 2nd factorCode
obfuscationCode
obfuscation
SSL with server identity
verification
SSL with server identity
verification
Proven platform security
Proven platform security
App authenticity
testing
App authenticity
testing
Compatible with Jailbreak /malware detection
Compatible with Jailbreak /malware detection
Secure challenge-
response on startup
Secure challenge-
response on startup
Encrypted offline cache
Encrypted offline cache
Offline authentication
Offline authentication
Enforcing Security Updates
Remote disableRemote disable Direct updateDirect update
Security for enterprise application is the biggest concern of CTO’sRich Worklight security features can now be used
Worklight security – concepts
Security Tests
A security test defines a security configuration for a protected resource
Authentication realms
Resources are protected by authentication realms. Authentication processes can be interactive or non-interactive.
Authenticators and login modules
An authenticator collects client credentials. A login module validates them.
Adapters can point to security tests
<displayName>MyBankAdapter</displayName><description>MyBankAdapter</description><connectivity>
<connectionPolicy xsi:type="http:HTTPConnectionPolicyType"><protocol>http</protocol><domain>rss.cnn.com</domain><port>80</port>
</connectionPolicy><loadConstraints maxConcurrentConnectionsPerNode="2" />
</connectivity><procedure name="getDriveLogin” securityTest="Adapter-
securityTest” /><procedure name="getAccounts” /><procedure name="getTransactions” /><procedure name="getTransferFunds” />
Security configuration is under the project
<securityTests> <customSecurityTest name="Adapter-securityTest">
<test realm="SampleAppRealm" isInternalUserID="true"/> </customSecurityTest>
</securityTests>
<realms><realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm></realms>
<loginModules><loginModule name="StrongDummy">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule></loginModules>
Code up the client-side challenge handler
public override void HandleChallenge(WorklightResponse challenge) { Console.WriteLine ("We were challenged.. so we are handling it"); Dictionary<String,String > parms = new Dictionary<String, String> (); parms.Add ("j_username", "worklight"); parms.Add ("j_password", "password"); LoginFormParameters = new LoginFormInfo ("j_security_check", parms,
null, 30000, "post"); shouldSubmitLoginForm = true;
}
Configure on the connect to Worklight
public async void Connect(){ //lets send a message to the server client.Analytics.Log("Trying to connect to server",metadata);
ChallengeHandler customCH = new CustomChallengeHandler (appRealm); client.RegisterChallengeHandler(customCH); WorklightResponse task = await client.Connect (); //lets log to the local client (not server) client.Logger("Xamarin").Trace ("connection"); //write to the server the connection status client.Analytics.Log ("Connect response : " + task.Success); //return task; }
Device Single Sign-On (SSO)
• Enables a mobile user to authenticate once and gain access to all apps from the same organization (technically, with the same developer certificate) without re-authenticating.
• Integration with DataPower, ISAM, and other gateways
App 1
secu
re M
ob
ile O
S
key s
tore
WorklightServer
App 2
IDSession x
Session y
Duplicate after receiving ID from App 2
Implementation- Implemented using combination of
server-side capabilities (realms) and unique device identification (device ID)
- On successful login the authentication state is saved in the database and used for validations in subsequent sessions from the same device.
Manage the Worklight applications
Application Management
• Better control of your application
• Active
• Active, Notifying(useful for informing users of scheduled outages or future pending updates)
• Access Disabled(useful for forcing upgrades to new versions)
Disable or Notify the end user
Remote-controlled client-side log collection
• Worklight provides Native and JavaScript API for client-side logging
• Administrator defines log collection profiles on the server which are automatically retrieved by the Worklight client-side runtime
• By default sent on init, resume, and 75% full – can be customized
• Administrator can perform analysis and text search of client-side logs via server-side analytics console
Unified Client and Server Analytics Out-of-the-box analytics address the following:
• User adoption, device and app properties
• User actions and called adapter procedures
• Performance and data usage information
• Exceptions, crashes, logs, response time
Analytics component provided in a WAR for simple install and administration
Service integration analytics
Robust analytics for adapter usage including average response time, average data usage, and server usage statistics
Server and Client log inspection made easy
Worklight Analytics Console enables easy searching of both client and server logs
Worklight provides C# API documentation
WorklightCluster
Load Balancer
Backend 1 Backend 2
WorklightDatabase
Web SSOServer
Corporate LAN
Corporate DMZ
IBM Worklight Foundation – Typical Topology
Seek community forum/support at Stack Overflow
http://stackoverflow.com/questions/tagged/worklight
Demo
Resources
Worklight Getting Started (documentation, CLI reference, sample adapters, etc…)http://www.ibm.com/developerworks/mobile/worklight/getting-started.html
Worklight CLI Downloadhttp://www.ibm.com/developerworks/mobile/worklight/download/cli.html
Xamarin and Worklight informationhttp://www.xamarin.com/ibm
Worklight Supporthttp://stackoverflow.com/questions/tagged/worklight
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Invoke the Adapter interactively
laptop:XTest gregtruty$ wl invoke] Which adapter do you want to use? (Use arrow keys) HTTP HttpMyBankAdapter ❯ MyBankAdapter SQLMyBankAdapter
[?] Which procedure do you want to invoke? (Use arrow keys) getDriveLogin ❯ getAccounts getTransactions getTransferFunds
[?] Enter the comma-separated parameters: "Greg"Invoking MyBankAdapter:getAccounts...
Arguments:[ "Greg” ]
Invocation result:{ "isSuccessful": true, "accts": [ { "balance": 8247.22, "number": "182729382", "type": "Savings” }, { "balance": 1452.23, "number": "582729382", "type": "Checking” } ]}