Connecting Xamarin Apps with IBM Worklight in Bluemix
1. Connecting Xamarin
Apps with
IBM Worklight
Greg Truty
Chief Architect, IBM MobileFirst
gtruty@us.ibm.com
2. Introducing IBM Worklight
With the Worklight SDK for Xamarin
developers Enterprise grade security,
integration and app management following
features of Worklight
Enterprise Integration
• Direct access to back-end systems
• Leverage existing SOA services
• Server-side caching
• Unified push and SMS notifications
Security and Trust
• Single sign-on mechanism
• SSL encryption
• Multi-factor authentication
• Secured offline access
• On device encryption of user data
Application Management
• App distribution
• App Version management
• Remote disabling apps
• Push Notification service management
• Analytics and Usage report
• Log collection for problem determination
IBM Worklight goes beyond mobile app UI creation to deliver
mobile optimized, standards-based, middleware and tools
for enterprise-grade mobile applications and services
creation
“Best Enterprise Mobility Application Development Platform"
by Compass Intelligence for 2014 Mobility Awards
3. IBM Worklight – Main Components
Development Run Time
Worklight CLI & Studio
Leading tools for native and
hybrid development that
maximize code reuse, accelerate
development, and promote team
work
Operational Console
UI for app deployment, management, and version
enforcement, real-time operational analytics, push
notifications
Worklight Server
Gateway for mobile user engagement, security,
analytics, and application control
App Runtime
Client APIs available for native, hybrid, and web apps
Worklight App Center
A non-MDM, cross-platform, private mobile app store tailored to the needs of development
team or as an enterprise store
4. The IBM Worklight SDK for Xamarin
Security
Authentication
Integration
Notifications
App Management
Analytics
Xamarin
Studio
Integrated
Services
Create rich native applications in C# in Xamarin Studio
leveraging enterprise grade app services that speed
development and enhance app capabilities and
performance
5. What does this do for mobile application
developers?
Speed development Add rich app services
Speed integration Ease troubleshooting
Leverage robust security
and authentication
Get control of
your applications
6. A rich set of mobile ready APIs that you can mix and match to power your App
API Catalog
A catalog of developer friendly APIs (IBM & third party) with mobile
SDKs, that can be composed into new and existing mobile apps.
Configure and manage through the BlueMix portal.
and More
IBM Bluemix
Run Code
The developer can chose from multiple language runtimes or bring
their own. Just upload your code and go.
Store Data
The developer can store data in the cloud as a service easily without
needing to administer the databases.
Cloud Integration
Build hybrid environments. Connect to on-premises systems of record
plus other public and private clouds. Expose your own APIs to your
developers.
Built on IBM SoftLayer
Runs on top of IBM’s leading infrastructure as a service.
Inte-gration
Categories Big Data &
Mobile Web
Data
Analytics
7. Enterprise Integration
Worklight server provides a single secure point of integration into the Enterprise that speeds
integration and enables management of mobile solutions
Worklight
Mobile
Server
Firewall
Existing
Integration Hub
backend integration
HTTP(S)
Database
WebService
REST
JMS
MQ
File
FTP
SAP
Siebel
:
JDBC
Web Service
Xamarin JSON JMS
Studio
C# App built with
Xamarin Studio
Enterprise
Applications
IBM
MobileFirst
SDK
8. Bring Your Own Tools!
Developers have the flexibility to use the development tools of their choice
• Worklight Studio
• Command Line Interface (CLI) is provided to enable the use of other development tools
The CLI provides the following capabilities:
• Add Worklight SDKs to a native project
• Create Worklight hybrid projects
• Add environments to a Worklight hybrid project
• Create Worklight Adapters
• Test Worklight Adapters
• Deploy Worklight applications and adapters to the Worklight Server
• Start and stop the Worklight Server
• Launch the Worklight administrative console
9. Worklight SDK for Xamarin – Developer Workflow
9
• Install IBM Worklight
component in Xamarin studio
• Create Worklight server side artifacts and
deploy using Command Line Interface
• Use Worklight APIs in your application
• Extensive libraries and client APIs that expose
and interface with native device functionality
• Build Apps
• Deploy/Manage/Monitor Apps
13. Create a Worklight application (to manage the
application)
$ wl create XTest
$ wl add api XTestiOS –environment ios
$ wl build
$ wl start
$ wl deploy
14.
15.
16.
17.
18. Worklight Server: Adapters
SQL / JDBC
SOAP / HTTP
REST
Java Extension
ESB
JMS
CAST IRON
Node*
Worklight Server
For the server developer
• JS anywhere: Simple APIs for server-side JavaScript development
• Extensibility: Java API for custom adapters
For the client developer
• Easy-to-use, consistent client-side API to call any back-end system
Enterprise back-ends and cloud
services
Run time
• Lightweight server-side logic to expose data in a mobile-friendly way
• Automatic JSON transformation of enterprise data for quick transport and ease of
consumption by mobile developer
• Server-side service composition to reduce requests over slow mobile network
• XSLT to reduce fat SOAP responses
• Security
• Automatic enablement of server-side authentication control and audit
• Analytics
• Automatic collection of user actions and device and app properties
• Mobile user engagement
• Push notifications
19. Invoke an Adapter method from Xamarin
public async Task<String> InvokeTransferFunds(string acctFrom, string acctTo, string amount
{
WorklightProcedureInvocationData invocationData =
new WorklightProcedureInvocationData("HttpMyBankAdapter",
"getTransferFunds",
new object[] {acctFrom, acctTo, amount});
WorklightResponse task = await client.InvokeProcedure(invocationData);
if (task.Success)
{
:
}
}
20. Implement Adapter methods to driver enterprise
integration and implement common server side
logic
function getTransferFunds (acctFrom, acctTo, amount) {
:
if ((1*amount) > 0) {
users[index].accts[f].balance = users[index].accts[f].balance - amount;
users[index].accts[t].balance = (1*users[index].accts[t].balance) + (1*amount);
result = true;
}
:
path = getPath(interest);
var input = {
method : 'get',
returnedContentType : 'xml',
path : path
};
return WL.Server.invokeHttp(input);
}
25. Automatic adapter generation for SOAP and
SAP NetWeaver
• Speed-up creation of mobile apps which interact with Enterprise back-end
system of records
• Reduce the amount to coding to zero or near-zero for invoking SOAP
based web services and services from the SAP NetWeaver Gateway
• Consume these services via the generated adapter from your web, hybrid,
or native app
26. Unified Push Notifications
Register for, notify, and receive a notification via Worklight APIs
Back-end
System
Back-end
System
Back-end
System
Back-end
System
Polling
Adapters
Message-based
Adapters
Unified Push
API
Notification
State
Database
User-Device
Database
iOS
Dispatcher
Android
Dispatcher
Windows
Phone
Dispatcher
SMS
Dispatcher
Apple Push
Servers (APN)
Google Push
Servers (GCM)
Microsoft
Push Servers
SMS/MMS
Brokers
Administrative Console
Notification statistics, SMS subscription control
Worklight
Client-side Push
Services
iOS
Push API
Android
Push API
Windows
Push API
Broker API
Worklight
Client-side Push
Services
Worklight
Client-side
Push Services
Optional 2-way SMS
27. Recent Push notification enhancements in
Worklight Foundation
Group notifications based on tags
Notifications are targeted to only a select set of users based on their topics of interest
Tags allow message producers / senders to segment devices
One or more tags can exist per application
Defined in application-descriptor.xml – created during deployment
Broadcast, unicast and narrowcast notifications
APIs available to send a notification to all the devices that installed the application
Also provides for an option to opt out of receiving broadcast notifications
Enhanced APIs to send a notification to specific user or device that installed the application
Support for a notification targeted to devices of a particular platform that installed the application
Server side REST APIs for device and subscription management
Improved scalability of the push infrastructure to handle large volumes of push messages
28. Security
Security for enterprise application is the biggest concern of CTO’s
Rich Worklight security features can now be used
Application Security
Application Security
Protecting data on the device
Authentication
integration
framework
Data protection
realms
Secure challenge-response
Using device id
as 2nd factor
Code
obfuscation
SSL with server
identity
verification
Proven platform
security
App authenticity
testing
Compatible with
Jailbreak /malware
detection
on
startup
Encrypted offline
cache
Offline
authentication
Enforcing Security Updates
Remote disable Direct update
29. Worklight security – concepts
Security Tests
A security test defines a security configuration for a protected resource
Authentication realms
Resources are protected by authentication realms. Authentication processes can be
interactive or non-interactive.
Authenticators and login modules
An authenticator collects client credentials. A login module validates them.
31. Security configuration is under the project
<securityTests>
<customSecurityTest name="Adapter-securityTest">
<test realm="SampleAppRealm" isInternalUserID="true"/>
</customSecurityTest>
</securityTests>
<realms>
<realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
</realms>
<loginModules>
<loginModule name="StrongDummy">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
32. Code up the client-side challenge handler
public override void HandleChallenge(WorklightResponse challenge)
{
Console.WriteLine ("We were challenged.. so we are handling it");
Dictionary<String,String > parms = new Dictionary<String, String> ();
parms.Add ("j_username", "worklight");
parms.Add ("j_password", "password");
LoginFormParameters = new LoginFormInfo ("j_security_check", parms,
null, 30000, "post");
shouldSubmitLoginForm = true;
}
33. Configure on the connect to Worklight
public async void Connect(){
//lets send a message to the server
client.Analytics.Log("Trying to connect to server",metadata);
ChallengeHandler customCH = new CustomChallengeHandler (appRealm);
client.RegisterChallengeHandler(customCH);
WorklightResponse task = await client.Connect ();
//lets log to the local client (not server)
client.Logger("Xamarin").Trace ("connection");
//write to the server the connection status
client.Analytics.Log ("Connect response : " + task.Success);
//return task;
}
34. Device Single Sign-On (SSO)
• Enables a mobile user to authenticate once and gain access to all apps from the same
organization (technically, with the same developer certificate) without re-authenticating.
• Integration with DataPower, ISAM, and other gateways
App 1
secure Mobile OS key
store
Worklight
Server
App 2
ID
Session x
Duplicate
after
receiving ID
from App 2
Session y
Implementation
Implemented using combination of
server-side capabilities (realms) and
unique device identification (device ID)
On successful login the authentication
state is saved in the database and used
for validations in subsequent sessions
from the same device.
36. Application Management
• Better control of your
application
• Active
• Active, Notifying
(useful for informing users
of scheduled outages or
future pending updates)
• Access Disabled
(useful for forcing upgrades
to new versions)
38. Remote-controlled client-side log collection
• Worklight provides Native and JavaScript API for client-side logging
• Administrator defines log collection profiles on the server which are automatically retrieved by the Worklight client-side runtime
• By default sent on init, resume, and 75% full – can be customized
• Administrator can perform analysis and text search of client-side
logs via server-side analytics console
39. Unified Client and Server Analytics
Out-of-the-box analytics address the following:
• User adoption, device and app properties
• User actions and called adapter procedures
• Performance and data usage information
• Exceptions, crashes, logs, response time
Analytics component provided in a WAR for simple install and administration
40. Service integration analytics
Robust analytics for adapter usage including average response time, average data usage,
and server usage statistics
41. Server and Client log inspection made easy
Worklight Analytics Console enables easy searching of both client and server
logs
43. IBM Worklight Foundation – Typical Topology
Corporate DMZ
Worklight
Cluster
Load
Balancer
Backend 1 Backend 2
Worklight
Database
Web SSO
Server
Corporate LAN