Custom Authentication in native Android applications
OverviewThis tutorial explains how to implement the client side of a custom authentication in native Android.
Prerequisite: Make sure that you read the Custom Authentication tutorial first.
Implementing the client-side authentication
- Create a native Android application and add the MobileFirst native APIs as explained in the Configuring a native Android application with the MobileFirst Platform SDK tutorial.
- Add an activity which handles and presents a login form.
- Create a
MyChallengeHandlerclass as a subclass of
- Call the
- Add an implementation of the following
ChallengeHandlermethods to handle the form-based challenge:
isCustomResponsemethod is invoked each time a response is received from the MobileFirst Server. It is used to detect whether the response contains data that is related to this challenge handler. It must return either
true, the framework calls the
handleChallengemethod. This function is used to perform required actions, such as hiding the application screen and showing the login screen.
At the end of the authentication flow,
onFailurewill be triggered
submitSuccessmethod in order to inform the framework that the authentication process completed successfully and for the
onSuccesshandler of the invocation to be called.
submitFailuremethod in order to inform the framework that the authentication process failed and for the
onFailurehandler of the invocation to be called.
When the user taps to submit the credentials, call the
submitLoginForm method to send the the credentials to the MobileFirst Server.
For example, in here we implemented a
submitLogin method that called by the MainActivity after the login process is completed.
The Main Activity
In the sample project, in order to trigger the challenge handler we use the
WLClient invokeProcedure method.
The protected procedure invocation triggers MobileFirst Server to send the challenge.
- Create a
WLClientinstance and use the
connectmethod to connect to the MobileFirst Server:
- In order to listen to incoming challenges, make sure to register the challenge handler by using the
- Invoke the protected adapter procedure:
If your custom authenticator uses
WorklightProtocolAuthenticator, some simplifications can be made:
- Subclass your challenge handler using
ChallengeHandler. Note the
- You no longer need to implement
isCustomResponseas the challenge handler will automatically check that the realm name matches.
handleChallengewill receive the challenge as a parameter, not the entire response object.
- Instead of
submitChallengeAnswerto send your challenge response as a JSON.
- There is no need to call
submitFailureas the framework will do it for you.
CustomAuthproject contains a MobileFirst native API that you can deploy to your MobileFirst server.
CustomAuthAndroidproject contains a native Android application that uses a MobileFirst native API library.
- Make sure to update the
worklight.plistfile in the native project with the relevant server settings.
Inclusive terminology note: The Mobile First Platform team is making changes to support the IBM® initiative to replace racially biased and other discriminatory language in our code and content with more inclusive language. While IBM values the use of inclusive language, terms that are outside of IBM's direct influence are sometimes required for the sake of maintaining user understanding. As other industry leaders join IBM in embracing the use of inclusive language, IBM will continue to update the documentation to reflect those changes.