Wednesday, May 4, 2016

Oracle MAF: Oracle MCS as authentication provider

An usual requirement when working with Oracle Mobile Application Framework and Oracle Mobile Cloud Service is implement the login against Oracle MCS.
In this post I am going to show you how to configure Oracle MCS as an authentication provider in Oracle MAF.


  • Creating a Realm
A realm is a security context for a ser of users. We can have only one realm for each Mobile Backend, but we can have multiple Mobile Backend using the same realm.
Using one or more realm in MCS will depend on what users we will like to give access to our application.

Under Applications, we can find Mobile User Management. By default there is one realm named 'default', but we can create a new one by clicking on 'New Realm' button.



In the realm we can find some user information by default altough we can add more properties.



  • Create and configure a Mobile Backend
A Mobile Backend (MBE) is the gateway to Mobile Cloud Service. If we want to access any available resource from MCS, for example an API, we have to do it though an MBE.

We can find Mobile Backends option under Applications menu option.

Click on 'New Mobile Backend' to create a new one.


Once you have created the MBE head to Users option and click on 'Change user realm', by default the MBE has a realm but in this case we need to set the new realm we have just created. This is not the case, but we can also set a default realm for every new created MBE.


In the popup we can select any existing realm.


After that, as there is no users in the realm you can add them by clicking on 'Add New User' button.


You will receive an email to the email address you used to register the user.


  • Configuring a MAF Application.

The last step is to configure the MAF application. Here is a couple of things that we have to do.
First we need to create a secured page. We can do it in maf-feature.xml


The last thing is to configure the login server.
To do this, we need to open maf-aplication.xml. We can find the file in 'Application Resources' under descriptors/ADF META-INF folder.

Click on the add button.


In the popup we have to select HTTP Basic as Authentication type and set a name to the connection.


In HTTP Basic tab we need to configure login and logout URLs.
To build this URLs we need to know the base URL, and add to it at the end '/mobile/platform/users/login' in Login URL and "/mobile/platform/users/logout" in Logout URL.
We can check the base URL in MBE Settings menu option.


The last step in the cofiguration is to add a custom header. The header name will be 'Oracle-MobileBackend-ID' and the value can be also found in MBE Settings menu option.



We just have to execute the application. As soon as we do it, the login page will appear.


If we set the right credentials we will access our secured page.



But if we enter wrong credentials we will se a'Invalid username or password.' error message.















No comments:

Post a Comment