  • Oracle Mobile Application Framework (MAF) Authentication

    Posted by "" in "FMW, OAAM, OAM" on 2014-07-20


    Introduction

    Oracle Mobile Application Framework (MAF) is a solution that enables customers to create mobile applications that run natively on iOS and Android devices. MAF uses well-known, widely used technologies such as Java, HTML5, JavaScript and CSS, which makes it possible to build a single application for both iOS and Android, and for both phones and tablets.

    Along with simplifying application development, MAF offers a robust authentication and authorization framework. When used in combination with Oracle Access Management products such as Oracle Mobile and Social Server and Oracle Adaptive Access Manager, it provides best-of-breed security for your application, with features such as Single Sign-On among different applications on the same device, Device Fingerprinting and Knowledge-Based Authentication.

    In this article, I am going to discuss the authentication features provided by MAF. MAF offers different levels of security in an application depending on the content being displayed. Most applications have some content that should be accessible only to authenticated users, alongside content that is available to anonymous (unauthenticated) users. This means you can enable or disable authentication depending on which feature the user accesses. When a protected feature is accessed, MAF presents a login page, and the user can access the contents of the feature only after entering valid credentials. Developers can configure either the default login page or a custom HTML login page. For strong authentication, knowledge-based authentication can also be customised through the integration with OAAM.

    The Oracle Access Management Mobile SDKs provide APIs for authentication, cryptography, user and role management, and secure storage of credentials. The SDKs support Basic Authentication and authentication through REST web services exposed by Oracle Mobile and Social Server.

     

    Authentication Protocols

    MAF supports four types of authentication protocols (Authentication Server Types):

    1. HTTP Basic: MAF uses HTTP Basic authentication, in which user credentials are validated against a remote application server
    2. Mobile-Social: Authentication is configured against a remote Oracle Mobile and Social Server using Oracle Access Manager
    3. OAuth: The Relying Party authentication provided by Oracle Mobile and Social Server enables an application to authenticate against a third-party OAuth Provider
    4. Web SSO: Cross-domain single sign-on

     

    Authentication Process

    MAF provides two types of authentication methods based on the source of the identity store:

    1. Authentication against the local credential store
    2. Authentication against a remote application server, which can be an Oracle Access Manager server or another application deployed on an application server

    Generally, the local credential store is populated during the first authentication request against a remote server. Once the user is authenticated against the server within the same application session, MAF stores the authentication context locally, allowing it to be used for subsequent authentication attempts if configured.

    The following authentication scenarios are supported by MAF applications:

    1. Basic Authentication against a remote Application Server
    2. First-time device/application registration with Oracle Mobile and Social Server
    3. Mobile SSO Agent requests an access token from Oracle Access Manager
        • Mobile SSO Agent has a valid access token in the Credential Store
        • Mobile SSO Agent does not have a valid access token in the Credential Store

     

    Connectivity Modes

    MAF provides three types of Connectivity Modes that we can use in our application:

    1. local: The first login is always authenticated against a remote server. On successful authentication, MAF persists the credentials locally in the credential store. All subsequent logins are authenticated against the local credential store for as long as it is available.
    2. remote: The application must authenticate against a remote web application or identity server. If the remote server is not available, the user will not be able to log in.
    3. hybrid: The application authenticates against the remote server as long as it can reach it. The local credential store is used only when there is no network connection between the application and the remote server.
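
The three connectivity modes described above, modelled as a small decision function. This is an added example, not MAF or Oracle code: `LocalStore`, `login`, `remote_check` and `online` are hypothetical names, and storing a salted PBKDF2 verifier (rather than whatever format MAF actually uses) is an assumption.

```python
import hashlib, hmac, os

class LocalStore:
    """Constructed stand-in for the on-device credential store (assumption:
    it keeps a salted PBKDF2 verifier rather than the password itself)."""
    def __init__(self):
        self._records = {}

    def _derive(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def has(self, user):
        return user in self._records

    def save(self, user, password):
        salt = os.urandom(16)
        self._records[user] = (salt, self._derive(password, salt))

    def check(self, user, password):
        if user not in self._records:
            return False
        salt, expected = self._records[user]
        return hmac.compare_digest(expected, self._derive(password, salt))


def login(mode, user, password, store, remote_check, online):
    """Return (authenticated, source); source is 'remote', 'local' or 'none'."""
    if mode == "remote":
        use_remote = True
    elif mode == "local":
        use_remote = not store.has(user)   # only the first login goes to the server
    elif mode == "hybrid":
        use_remote = online                # server whenever it is reachable
    else:
        raise ValueError(f"unknown connectivity mode: {mode}")

    if not use_remote:
        return store.check(user, password), "local"
    if not online:
        return False, "none"               # server required but unreachable
    ok = remote_check(user, password)
    if ok and mode != "remote":
        store.save(user, password)         # populate/refresh the local store
    return ok, "remote"
```

In this model, a password changed on the server is still accepted in local mode until the local store is cleared, while remote mode rejects it immediately; that is the trade-off to weigh when choosing a mode.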

     

    Conclusion

    MAF offers several choices of authentication protocols and methods, from which customers can choose depending on the needs of their applications. Apart from development simplicity, MAF provides a robust security framework, and when used together with Oracle Access Management products, it offers the best mobile security framework in the market.


    Ganesh Kamble works as an Oracle Fusion Middleware Consultant and is an Oracle Certified Specialist in Access Management. Having started his career in product development at Oracle, Ganesh gained excellent exposure to middleware technologies while working on the integration of the Tier-1 banking product Oracle Banking Platform with Oracle Fusion Middleware products. He was honored with the Outstanding Contribution award by Oracle.
    His key areas of interest are Oracle Identity and Access Management, Oracle Service Oriented Architecture and Java, with a passion for blogging about his various encounters with Oracle products. He publishes blogs regularly on http://k21technologies.com/blog/. He can be reached at ganesh.kamble@k21technologies.com and http://twitter.com/ganeshk_8

    2 thoughts on “Oracle Mobile Application Framework (MAF) Authentication”

    1. lasya priya says:

      Hi,

      I am new to MAF and want to explore and learn it. Can you please let me know where I can find a document or a developer guide which covers most of the features?

      Thanks,
      Lasya Priya
