Form-based authentication in native Android applications
This tutorial explains how to implement the client-side of form-based authentication in native Android.
Prerequisite: Make sure that you read the Form-based authentication tutorial first.
Implementing the client-side authentication
- Create a native Android application and add the MobileFirst native APIs as explained in the Configuring a native Android application with the MobileFirst Platform SDK tutorial.
- Add an activity which handles and presents a login form.
- Create a
MyChallengeHandlerclass as a subclass of
- Call the
- Add an implementation of the following
ChallengeHandlermethods to handle the form-based challenge:
isCustomResponsemethod is invoked each time a response is received from the MobileFirst Server. It is used to detect whether the response contains data that is related to this challenge handler. It must return either
The default login form that returns from the MobileFirst Server contains the
j_security_checkstring. If the response contains the string, the challenge handler returns
true, the framework calls the
handleChallengemethod. This function is used to perform required actions, such as hiding the application screen and showing the login screen.
At the end of the authentication flow,
onFailurewill be triggered
submitSuccessmethod in order to inform the framework that the authentication process completed successfully and for the
onSuccesshandler of the invocation to be called.
submitFailuremethod in order to inform the framework that the authentication process failed and for the
onFailurehandler of the invocation to be called.
When the user taps to submit the credentials, you need to call the
submitLoginForm method in order to send the
j_security_check string and the credentials to the MobileFirst Server.
For example, in here we implemented a
submitLogin method that called by the MainActivity after the login process is completed.
The Main Activity
In the sample project, in order to trigger the challenge handler we use the
WLClient invokeProcedure method.
The protected procedure invocation triggers MobileFirst Server to send the challenge.
- Create a
WLClientinstance and use the
connectmethod to connect to the MobileFirst Server:
- In order to listen to incoming challenges, make sure to register the challenge handler by using the
- Invoke the protected adapter procedure:
FormBasedAuthproject contains a MobileFirst native API that you can deploy to your MobileFirst server.
FormBasedAuthAndroidproject contains a native Android application that uses a MobileFirst native API library.
- Make sure to update the
wlclient.propertiesfile in the native project with the relevant server settings.