Worklight mobile v6


Published on

Mobile Development IBM - WORK LIGHT - ECLIPSE

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • The mobile space presents large and varied opportunities for our customers including the business-to-enterprise benefits to an organization of increasing worker productivity, improving processing times, and efficiencies gained through extending existing applications to mobile workers and customers.
    In addition, mobile offers opportunities in the business-to-consumer or B2C space with benefits such as improved customer satisfaction, opportunities to deepen customer engagement and drive increased sales and levels of customer service allowing them to differentiate themselves.
  • 1 – Dispatching notifications by polling back-end apps or receiving back-end-originated events
    2 – Uniform server-side API for pushing notifications via Apple, Android, BlackBerry and SMS
    3 – Maintaining push state of each user and device details
    4 – Dispatching the notification via the appropriate notification service
    5 – Uniform client-side API for subscribing to notifications and handling them on the device
    6 – Monitoring and controlling notification delivery; Statistics of notification delivery
  • From the Application Center console you can:
    Upload different versions of Android and iOS applications.
    Remove unwanted applications.
    Control access to applications.
    Access to the applications stored in the Application Center can be controlled from the Application Center console. Each application is associated with the list of people that can install the application.
    View feedback that mobile users have sent about an application.
    Obtain information about applications installed on a device.
    Make an application inactive so that it is not visible in the available applications for download.
    From the mobile client you can:
    List available mobile applications.
    Install a new application on a device.
    Send feedback about an application.
    The Application Center supports applications for Android and iOS devices. Therefore, the mobile client comes in two versions: an Android and an iOS version.
    These mobile applications are built on the Worklight® platform. You will find instructions in this document about how to configure the Application Center server-side component on various Java™ application servers after IBM Worklight is installed, as well as how to build Worklight applications for the Application Center client.
  • Icon sources
    Blue signal:
    Shopping bag:
    Red sale coupon:
    Beige sale coupon:
    Smart card:
    Dollar sign:
    QR code created with; leading to
    Hotel check-in
    ·Person made a registration at Hotel Chain
    ·Person landed at airport, gets a notification from the Hotel Chain to start the app (base on his expected time or arrival as logged as part of the registration)
    ·When approaching the hotel, gets an Auto Check In button, showing reservation details
    ·Person clicks button to check in
    ·If person has Platinum status, shift manager gets notification to greet the person
    ·When entering the hotel door, shift manager gets notification that person arrives
    ·Person approaches kiosk or a fast check-in lane to get key, showing bar code on app to get the key
    ·App shows upgrade features (better room, room service)
    Trucks arriving a warehouse
    ·Driver scans QR code with shipment using Warehouse's app
    ·Warehouse's app tracks truck
    ·Operations HQ tracks track location
    ·Warehouse can direct truck to the appropriate dock to unload and provide better and faster service
    ·Warehouse can know if driver is being delayed
    Person entering a mall
    ·Person enters a mall and scans a QR code
    ·QR code opens mall app and registers the person + his location at the mall's server
    ·App presents to person interesting and relevant information: promotions, new points of interest in the mall, events in the mall
    ·Person scans QR codes when entering particular shops to get particular coupons
    ·Application can collect the location of the person within the mall (based on the scanned QR Codes) and can track the coupons consumed by the person). Application can also track user's location based on available wifi signals in the mall
    ·Mall management can analyze the information to track movement patterns of people in the mall; visited businesses; congestions
    Hospital Physician
    ·While in Hospital, authorized doctor on shift, being called to assist in emergency in a different building in the campus
    ·Using single-factor authentication, all app features are available, full data access and storage
    ·While in coffee ship, in remote alert, being called to advise regarding a certain patient
    ·Using multi-factor authentication, certain app features are available, all data access is strongly encrypted
  • Geo-location data is one of the most powerful differentiators of mobile apps. With it, organizations can transform marketing, operations and other business processes by delivering content and other business actions when and where it is needed by customers and employees. Yet because geo-location coordinates must be constantly polled to understand where a mobile device is located, it creates a stream of geographic information that is difficult to manage without exhausting resources such as battery and network.
    Worklight 6.0 provides a new geo-location toolkit that allows developers to efficiently collect geo-location data within the mobile app without exhausting mobile resources such as battery and network. The new toolkit provides organizations with a practical way to trigger business actions based on geographic data and to analyze it to gain business and operational insight on application usage.
    * Location data can be based on GPS and Wifi coordinates
    * Triggers can be created when user reaches a point of interest, or enters or exits a region (geo-fencing)
    * Developers can set policies for acquiring geo data and sending it in batch to control battery and network utilization
  • New! Embedded functional testing
    The accelerated delivery cycles of mobile applications requires fast and effective test cycles. Whether you are developing native, or hybrid applications, you need to validate that mobile apps work as expected across multiple platforms and hundreds of devices in market at any time – each with its own form factor.
    Until now, accomplishing this task required teams to undertake tedious and time-consuming manual test processes on every target platform and device. This typically involved creating a list of user actions and expected responses, codifying these test cases in spreadsheets or text documents, and laboriously (and manually) running the test scenarios on all target platforms and devices, one test and one device at a time.
    Often companies lack the time to properly test their apps, with mobile’s accelerated pace of change – ultimately leading to lack of testing, poorly performing software and inevitably, customer frustration and lack of confidence. Five app stars can become one star apps overnight when poorly performing software erodes consumer confidence.
    With IBM Worklight 6.0, we have replaced much of this tedious and time-consuming testing by providing the industry’s first integrated, cross-platform mobile app testing capability. Here’s how it works. Either developers or testers can simply press a button to record a sequence of actions on a mobile device. Once the recording has been captured, it becomes the basis of an intelligent, resilient and code-less test case that can be played back on demand on any iOS or Android device within the same OS family – and even on simulated devices.
    This capability allows organizations to test faster, at lower cost, and more methodically – leading to higher quality apps, delivered to consumers faster, and at lower cost.
    This embedded functional testing capability is not an upsell, but an integrated component within IBM Worklight 6.0. IBM Worklight 6.0 provides exceptional value on a standalone basis – and can be upgraded to Rational Test Workbench to gain the added advantages of service virtualization, multi-tier testing and automated batch and regression testing. Integration with the IBM Mobile Development Lifecycle Solution provides traceability across requirements and defects for full visibility and control of the software delivery lifecycle.
  • IBM secure the mobile enterprise with a framework mapped to a comprehensive integrated security solution set….
    IBM Endpoint Manager for Mobile delivers data security on the mobile device. It enforces the compliance of device configurations with enterprise security policies and employs platform facilities to enforce data encryption.
    IBM Hosted Mobile Device Security Management is a turnkey software-as-a service (SaaS) solution that provides assurance of data security and policy compliance with anti-malware
    IBM Worklight offers developers application-level data security by providing facilities with the tools needed to encrypt their applications’ data
    IBM Security Access Manager for Mobile protects access to enterprise resources by authenticating and authorizing mobile users and their devices. also integrates with IBM Worklight to deliver seamless user and application security.
    IBM WebSphere DataPower message protection and XML firewall capabilities guarantee the integrity of message content
    IBM QRadar offers a unified collection, aggregation and analysis architecture facilitating the consumption of security logs from IBM Worklight; security events from IBM Endpoint Manager for Mobile Devices and IBM Access Manager for Mobile; IBM AppScan app vulnerabilities.
    IBM Lotus® Mobile Connect enables secure encrypted connectivity over non-secure networks and infrastructure from mobile devices to backend systems
    IBM Security AppScan detects vulnerabilities in mobile web applications, in the web elements of hybrid mobile applications and in Android applications through static analysis during development
    IBM WebSphere DataPower protect application programming interface calls.
    IBM Worklight enable organizations to efficiently develop, deliver and run safe HTML5, hybrid and native mobile applications with direct updates and application validation
  • Worklight mobile v6

    1. 1. Marco Dragoni – WebSphere Technical Sales IBM Worklight V6 Technical Overview 1 © 2013 IBM Corporation
    2. 2. Agenda  Challenges and Common Terminologies  IBM Worklight V6 Product Architecture and features  Worklight components  What's new in V6  Security  Product Architecture & Resources 2 © 2013 IBM Corporation
    3. 3. IBM Mobile First offering portfolio Industry Solutions Insurance Retail Transpor t Telecom Government Healthcare Automotive IBM & Partner Applications Strategy & Design Services Application & Data Platform Application Platform and Data Services Management Devices Security Network Development & Integration Services Banking Analytics Servers Cloud & Managed Services © 2013 IBM Corporation
    4. 4. What REALLY makes Mobile different? EVERYWHERE ACCESS GPS GSM/CDMA WiFi Camera Bluetooth RFID LOCATION SENSORS NFC Barcode scanner Microphone 4 Touchscreen Accelerometer Compass CONTEXT © 2013 IBM Corporation
    5. 5. Mobile Application Focus Areas Business to Consumer Business to Enterprise • Improved customer satisfaction • Extend existing applications to mobile workers • Deeper customer engagement and loyalty • Increased worker productivity • Increased sales through personalized offers • Faster business processing • Customer service • Competitive differentiator • Improve brand perception • Increased employee responsiveness and decision making speed • Reduced fuel, gas, or physical asset maintenance costs • Deeper insight into customer buying behavior for up sell and cross sell • Improved buying experience with mobile concierge services 5 5 • Increase revenue through sales engagements • Reduce personnel cost (utilizing personal owned instead of corporate issued devices) • Resolve internal IT issues faster © 2013 IBM Corporation
    6. 6. Evolving Mobile Landscape - Challenges  Mobile Development is more expensive than traditional Web App Development: – Which smartphone? Which tablet? Which form factor?  iOS, Android, Blackberry, Windows Phone  All of the above.. – Skills?  Web or native apps? Java or Objective C? Or other? – Maintenance?  Separate software stacks for each major OS  Separate applications for each major OS  How do I keep software current? – Security?  Encryption? Authentication?  Response to stolen/lost devices? – Management?  Can I see my apps? Can I disable them remotely? – Enterprise Integration?  How do I build cross-channel app?  Since the Mobile field is still evolving, so an enterprise would want to pick a platform that can adapt to the future. 6 © 2013 IBM Corporation
    7. 7. Mobile Application Types Web Apps Hybrid Apps - Web Hybrid Apps - Mixed Native Apps Written in HTML5 JavaScript and CSS3. Quick and cheap to develop, but less powerful than native. Source code consists of web code and included Worklight libraries and executed in a native shell. User augments web code with native language for unique needs and maximized user experience. Platform-specific. Requires unique expertise, pricey and long to develop. Can deliver higher user experience. Cross-device portability Cross-device portability Richness of Mobile Experience Cost of implementation (TCO) Cost of implementation (TCO) Mobile Browser Web Code Worklight Runtime Web Code Worklight Runtime Web Native100101 7 <!DOCTYPE html PUBLIC <html> <! - - created 2003-12-1 <head><title>XYZ</title </head> </body> </html> <! DOCTY PE html PUBLIC create d 200312 </p> </body > </html > Device APIs <!DOCTYPE html PUBLIC <html> <! - - created 2003-1212 - <head><title>XYZ</title > </head> <body> </p> </body> </html> Device APIs 010101 110100 101010 101010 100100 100101 111001 001100 10 Native Application 100101010101110100101 001001010111010010011 010101010100100100101 111001001100101010100 101010101001010101010 101010101011111100000 101010101010100100101 010101010100011110101 000111101010011101010 111110010110111101000 1011001110 Device APIs © 2013 IBM Corporation
    8. 8. Apache Cordova, what is it ? Pieces of native code which runs natively within the mobile OS and a JavaScript wrapper  Apache Cordova (former Cordova) is an open-source mobile development framework developed by Nitobi Software  Cordova provides a JavaScript API that allows developers to access native mobile device features and even execute native code using JavaScript Native code JavaScript Wrapper myFunc(params); © 2013 IBM Corporation
    9. 9. JS Framework (Jquery, Dojo, Sencha), what are they ?  Hybrid Mobile web applications are created in HTML5, CSS3, and JavaScript, and run using the browser API offered by the OS on the mobile device.  The objectives of the JS framework are the following:  quickly create mobile web applications that look and behave consistently across all supported devices  have advanced user interface capabilities providing the developer a standard set of layouts, user interface widgets, and interactions, as well as a rich API for applying and extending them © 2013 IBM Corporation
    10. 10. Agenda  Challenges and Common Terminologies  IBM Worklight V6 Product Architecture and features  Worklight components  What's new in V6  Security  Product Architecture & Resources 10 © 2013 IBM Corporation
    11. 11. Worklight Components Worklight Studio The most complete, extensible environment with maximum code reuse and per-device optimization Worklight Server Unified notifications, runtime skinning, version management, security, integration and delivery ← Worklight Runtime Components Extensive libraries and client APIs that expose and interface with native device functionality Worklight Console A web-based console for control of your mobile apps and infrastructure Worklight Application Center A cross-platform private mobile application store focused on the needs of a development organization or a team © 2013 IBM Corporation
    12. 12. Worklight Architecture Worklight Studio iOS Android HTML5, Hybrid, and Native Coding Blackberr y Windows Phone Optimization Framework 1 Development Team Provisioning Enterprise App Provisioning and Governance Windows 8 Java ME Integrated Device SDKs 3rd Party Library Integration 2 Worklight Application Center App Feedback Management Device Runtime Cross-Platform Compatibility Layer Server Integration Framework Encrypted and Syncable Storage Runtime Skinning Desktop Web Reporting for Statistics and Diagnostics 4 Worklight Server User authentication and mobile trust Mashups and service composition JSON Translation Adapter Library for backend connectivity Stats Aggregation Enterprise Backend Systems & Cloud Services Mobile Web 3 Application Code SDKs Feedback Management Client-Side App Resources 5 Worklight Console Direct Update Mobile Web Apps App Version Management Push /SMS Management Unified Push Notifications © 2013 IBM Corporation
    13. 13. Web-based development (WL Studio capabilities)  Worklight apps are developed using standard web technologies: – HTML – JavaScript – Style Sheets & Images  Worklight apps use the Worklight (WL) JavaScript API to access the Worklight platform capabilities , for example: – Access back-end data and server functionality – Environment specific UI behavior – Use functionality specific to device – Session management – Push notification etc… 13 © 2013 IBM Corporation
    14. 14. Integrating Best-in-class Tools Worklight is compatible with prominent HTML5 libraries and tools: 14 © 2013 IBM Corporation
    15. 15. Single Shared Codebase Common code placed in primary file Environment optimization code is maintained separately 15 © 2013 IBM Corporation
    16. 16. WYSIWYG UI Construction – Dojo Mobile 16 © 2013 IBM Corporation
    17. 17. WYSIWYG UI Construction – JQuery Mobile 17 © 2013 IBM Corporation
    18. 18. Preview in browser simulator Perform device specific tests in the Mobile Browser Simulator: supports PhoneGap 18 © 2013 IBM Corporation
    19. 19. Browser Simulator - example  Defines battery-related data, such as the battery level. You can use the slider to change the battery level and trigger a batterystatus event. The following battery levels trigger events: – Twenty percent triggers the batterylow event – Five percent triggers the batterycritical event  To define the plugged in status of your mobile device, select or clear the Plugged In check box.  Generates the Geolocation values returned by the Cordova API when querying Geolocation data. To generate a new set of values, click Next. To generate the values periodically, click Start. 19 © 2013 IBM Corporation
    20. 20. Runtime Skinning – Use Cases Different Screen Sizes Different Screen Densities Different Input Method Support for HTML5 20 •Decision on which skin to use is done automatically at runtime © 2013 IBM Corporation
    21. 21. Skin creation  Skins are created using the Worklight Skin Wizard  Directories adjacent to the environment directory  Containing HTML/CSS/JS  A special, developer-controlled JavaScript file is run at app startup 21 © 2013 IBM Corporation
    22. 22. Build and Deploy 3 1 2  By selecting the “Build all and Deploy” (1) command, you will have the following results: – the vendor project is created (2 and 3) – portion of the app is deployed to Worklight server 22 © 2013 IBM Corporation
    23. 23. RTC integration Worklight supports shell-sharing with RTC eclipse client SDK Cmd Line Worklight Build Ant Worklight build scripts are supported in RTC Build System Possible extension with DeviceAnywhere and Rational Quality Manager 23 © 2013 IBM Corporation
    24. 24. Worklight Runtime – Shell Approach Organizations can develop “custom shells” that include corporate services, such as authentication and security services, integration services, and branding. Web developers can then use sanctioned shells to develop the business logic of the application using only HTML5  Inner Application: − Implements the application’s logic − Common web code − Utilizes External Shell API’s − Required to comply with shell parameters  External Shell: − Customizable container − Provides JS access to native functionality − Branding, Security, Authentication − Built with the Inner App to create a native App (IPA/APK file) © 2013 IBM Corporation
    25. 25. Device Single Sign-on (SSO)  Device SSO Capability: − Device-side SSO enables a mobile user to authenticate him/her-self once and gain access to all apps from the same developer without being prompted to log in again at each of them  Device SSO implementation: − Implemented using combination of server-side capabilities (realms) and unique device identification (device ID) − On successful login the authentication state is saved in the database and used for validations in subsequent sessions from the same device. Session x Worklight Server App 1 ID Duplicate after receiving ID fro App 2 Session y secure Mobile OS key store App 2 © 2013 IBM Corporation
    26. 26. Direct Update – On device logic (WL Server capabilities) Native Shell 1 Download Pre-packaged resources App Store 2 3 Worklight Server Check for updates Web resources 4 Transfer Cached resources Update web resource 1. Web resources packaged with app to ensure initial offline availability 2. Web resources transferred to app's cache storage 3. App checks for updates on startup and foreground events 4. Updated web resources downloaded when necessary, with user © 2013 IBM Corporation confirmation or silently
    27. 27. JSON Store with data sync  JSON store database is embedded into framework  JavaScript APIs for storing, querying and updating data in offline mode are available  Sensitive data can be encrypted by using a developer/user provided password  Adapter based server-to-client and client-to-server synchronization allows working with data in offline mode and keeping it updated in online mode 27 © 2013 IBM Corporation
    28. 28. Worklight Adapters  Adapters provide the glue between Worklight and back-end applications • Provides the extensibility mechanism for Worklight to call out to back-end systems  Worklight has some interfaces that adapters can use (HTTP, SQL, JMS, CastIron and Node.js in test for V6) • Worklight has client-side JavaScript APIs so that applications can invoke services • Likewise, server-side JavaScript APIs are available to implement procedures (adapters) 28 © 2013 IBM Corporation
    29. 29. Worklight Studio - developing adapters files  An adapter contains three files for configuration and implementation • The first file is XML and contains the overall metadata (procedure names, protocol etc) • Second file is JavaScript and contains one function (procedure) for each entry point • Third an XML transformation file if necessary  Adapters are uploaded to Worklight Server ready for mobile applications • Once deployed, adapters are managed through the Worklight Console © 2013 IBM Corporation
    30. 30. Worklight adapters Framework © 2013 IBM Corporation
    31. 31. Worklight Studio - developing and testing adapters (1) Implement Adapter procedures 1 (2) Deploy Adapter to embedded web container 2 (3) Invoke Adapter Procedure 31 IBM Mobile Foundation PoT - Introduction to Application Development with Worklight 3 © 2013 IBM Corporation
    32. 32. Push Notification A Push Notification is the ability of a mobile devices to receive messages that are “pushed” from a server Notifications are received regardless of whether the application is currently running or not Notification may take several forms: Alert – a pop-up text message Badge – a small badge mark appearing next to the application icon Sound alert The user must approve the push notification subscription 32 © 2013 IBM Corporation
    33. 33. Unified Push Notifications iOS Push API Android Dispatcher Notification State Database Polling Adapters iOS Dispatcher Apple Push Servers (APN) Android Push API Google Push Servers (GCM) SMS API Microsft Push Servers (MPNS) Worklight Client-side Push Services 3rd Party SMS Gateway Microsoft Push API Worklight Client-side Push Services Unified Push API Messagebased Adapters User-Device Database SMS Dispatcher Windows Dispatcher Worklight Client-side Push Services * NOTE: 5.0.6 only supports not-authorized MPSN Administrative Console © 2013 IBM Corporation
    34. 34. Application Center Application Catalog Service Application Catalog Service Application Center Console Application Catalog Service Application Center Application Center iOS / Android Application Server • Upload/Remove applications • Control application access • View application feedback • Obtain information about applications on a device. • Inactivate applications for download • List available applications • Install to a mobile device • Submit application feedback © 2013 IBM Corporation
    35. 35. App Center store to the device • Notion of favorite apps that allows you to keep a list per user of favorite app on the mobile client • Push notifications to get information on updates • Application filtering by OS level and device type (iphone vs ipad) • Simplified configuration through JNDI • Share TEST-ready applications for the Mobile Test Workbench • Support for iOS / Android / BlackBerry 6 and 7 (native / hybrid) 35 © 2013 IBM Corporation
    36. 36. Data Collection and Analytics - BIRT Eclipse BIRT 36 © 2013 IBM Corporation
    37. 37. Data Collection and Analytics – Operational Analytics  The Analytics Dashboard displays the following charts: − Daily Hits − Daily Visits − Active Users − Environment Usage − Notifications Per Day − Notifications Per Source − New Users October 29, 2012 © 2013 IBM Corporation
    38. 38. Dynamic Control of Deployed Apps (WL Console capabilities) Centralized control of all installed applications and adapters Remotely disable apps by device and version 39 Customize user messages © 2013 IBM Corporation
    39. 39. App management 40 © 2013 IBM Corporation
    40. 40. Push Services Management 41 © 2013 IBM Corporation
    41. 41. Geo-Location API – New in V6 • Geo-location information has lots of potential, both for consumer- and employeefacing applications ‒ Creating differentiating services based on user location ‒ Optimizing business processes and operations ‒ Increasing application security • It’s hard to do it right ‒ What to collect and how? ‒ How to use what’s collected? Worklight 6.0 provides you simple and strong tools to: COLLECT and USE on the mobile device Control acquisition of GPS and Wifi coordinates Define points of interest and geofences Trigger actions based on location changes Efficiently transmit to Server USE on the server Store Handle events Perform analytics © 2013 IBM Corporation
    42. 42. Differentiated fast-food service Routing trucks arriving at warehouse Order #1783 to oven ............ More engaging mall experience Location-aware security for hospital app Username Device as an additional auth factor … … Password Submit … … … ✔ … … ? © 2013 IBM Corporation
    43. 43. Geo-Location API – New in V6 Collect, compress and stream important information Adapter Worklight Server Adapter  Client-side APIs − Efficiently sampling GPS, cell triangulation, and Wifi coordinates − Sampling while app in the foreground and in the background − Batch collected data and send to server − Available also when app is offline − Developer in full control  Events based on − Proximity to point of interest − Entering, leaving a geo-fence  Server side – maintain an evolving context that is available for all adapter procedures − React to important geo events − Enrich with business data − Integrate context information with business processes − Storage for analytics purposes Location Data Analytics Repository Feed location data and triggers to business processes decision management systems etc. © 2013 IBM Corporation
    44. 44. Screen Patterns – New in V6  40+ out-of-the-box common screen patterns  Navigation, search, lists and tables, authentication, configuration panels  For jQuery Mobile and Dojo Mobile  Live preview using the underlying widget library © 2013 IBM Corporation
    45. 45. Functional Test Tool – New in V6  Create, run, and automate tests on mobile applications  Improve quality and time-to-value with industry-first app testing − Create resilient and code-less test cases − Record once, play back on multiple devices  Standardized, eclipse based  Comprehensive – Android and iOS, Native and hybrid  Complete – Recording, editing, and running on mobile devices  Resilient – Same test runs across multiple devices  Also for non-developers – Scripts in natural language description Deliver consistently high quality across your mobile app portfolio. © 2013 IBM Corporation
    46. 46. Mobile Test Workbench on client side  A mobile test client is available on the Android and iOS platforms. This client is used to upload apps to the test workbench, to record, to run tests, and to view reports. © 2013 IBM Corporation
    47. 47. Mobile Test Workbench on Development side  A test navigator lists test projects, tests, mobile devices, and the mobile incoming recordings that are used to generate tests.  A device editor lists the devices that are connected to the test workbench. This editor displays detailed specifications of each device, therefore you can select the hardware platforms on which you can deploy and run your tests. © 2013 IBM Corporation
    48. 48. Who is our Competition? Native Development Pre-packaged Mobile Apps • Very costly development and ongoing maintenance • Long time to market • Requires specific knowledge and skills that are not transferable across environments • No App Specific Management Capabilities • No cross-platform compatibility 49 HTML5 and Open Source Frameworks • Lacking complete IDE functionality • No optimization capabilities • No mobile middleware services layer • Does not address enterprise security requirements • No advanced features, e.g. Runtime Skinning, Unified Push, Remote Disable • Application typically presents lowest common denominator • Limited ability to customize UI/UX/Workflow • Rarely provides sufficient middleware and management capabilities • Typically very expensive for high user volume • More suited for SMB Market Other Mobile Enterprise App Platforms • Typically very limited support for HTML5/JS/CSS3 • Often proprietary interpreters and scripting languages • Less agile development • Lacking 3rd-party library compatibility • Business model is primarily based on vendor supplied PS for development © 2013 IBM Corporation
    49. 49. Agenda  Challenges and Common Terminologies  IBM Worklight V6 Product Architecture and features  Worklight components  What's new in V6  Security  Product Architecture & Resources 50 © 2013 IBM Corporation
    50. 50. IBM Security Framework domains IBM MobileFirst offering to secure the enterprise Manage Device & Data IBM Endpoint Manager for Mobile Malware Protection IBM Mobile Device Security (hosted) Application Security IBM Worklight Secure Access IBM Security Access Manager IBM WebSphere Datapower Monitor & Protect IBM Security QRadar Secure Connectivity IBM Mobile Connect Secure Applications IBM Security AppScan Integrate Securely IBM WebSphere DataPower Manage Applications IBM Worklight Internet Corporate Intranet © 2013 IBM Corporation
    51. 51. Worklight – Authentication Integration Framework  The Worklight server-side architecture has been designed to simplify the task of connecting mobile applications with the enterprise back-end authentication infrastructure.  The IBM Worklight framework provides both server-side and client-side mechanisms for assisting with this issue.  Server modules define the collection and handling of credentials (authenticator) and mechanisms to validate or verify the credentials (login module).  On the client side, IBM Worklight supports an authentication framework for asynchronous login requests on session expiration (challenge handler)  In addition, IBM Worklight also supports a number of commonly used mechanisms for authentication such as forms based, cookie based, header based and others. 53 © 2013 IBM Corporation
    52. 52. Worklight – Data Protection REALM  An authentication realm defines the process to be used to authenticate users and consists of a mechanism to collect the user credentials and verifying the user credentials either against a database or LDAP directory.  When a user attempts to access a protected resource, IBM Worklight checks whether the user is already authenticated according to the process defined for the resource’s realm. If the user has not yet been authenticated, IBM Worklight triggers the process of obtaining the client credentials and verifying them, as defined in the realm.  The semantics of the checks are not limited to the authentication, but may implement any logic that may serve as protection for the server side applicaion resources, for example:  User authentication  Device authentication/provisioning  Application authenticity check  Application remote disable  Direct update  Anti-XSRF check (cross-site request forgery) 54 © 2013 IBM Corporation
    53. 53. Worklight – Directory Server Integration  IBM Worklight, when hosted on WebSphere Application Server and the WebSphere Liberty profile can leverage the functionality provided by the underlying JEE runtime to support LDAP directory servers.  WebSphere Application Server provides implementations that support multiple types of registries and repositories including  the local operating system registry, a stand-alone LDAP registry, a stand-alone custom registry and federated repositories.  Hence users can authenticate to IBM Worklight applications using their enterprise logon typically governed by LDAP directory servers. 55 © 2013 IBM Corporation
    54. 54. Worklight – Integrate with Reverse Proxy and Security Gateway  There are several products in the market that function as a reverse proxy and security gateways providing a termination point for HTTPS and user authentication.  IBM Worklight can be configured to work with these types of security components using its flexible authentication integration framework.  IBM Security Access Manager for Enterprise Single Sign-On, IBM DataPower®, CA Siteminder—can be configured as reverse proxy and a security gateway. The most common configuration for integrating with these security gateways includes leveraging the header-based authentication mechanism in IBM Worklight by using the header authenticator and login module that is provided with the base product. 56 © 2013 IBM Corporation
    55. 55. Agenda  Challenges and Common Terminologies  IBM Worklight V6 Product Architecture and features  Worklight components  What's new in V6  Security  Product Architecture & Resources 66 © 2013 IBM Corporation
    56. 56. 67 Deployment architecture Guiding principles: IBM Worklight Server is installed in the organization LAN, connecting to various enterprise back-end systems. IBM Worklight Server can be clustered for high availability and scalability. IBM Worklight Server uses a database for storing push notification information, statistics for reporting and analytics and storing metadata required by the server at run time. A single instance of the database is shared by all Worklight servers. The IBM Worklight Server is installed behind a web authentication infrastructure (Web SSO) acting as a reverse proxy and providing SSL. There can be different topologies depending on the corporates network architecture, disaster recovery, different back-end systems etc. © 2013 IBM Corporation
    57. 57. Worklight Getting Started Resources Worklight Information Center Getting Started Modules • Web based, searchable database • Configuration and installation information • API references • Command line instructions • Living document DeveloperWorks Forum • PDF modules covering environment and programming • Forum for discussing Worklight development • Downloadable, working code samples • Moderated by Worklight product management • Whitepapers covering security, integration, and configuration • Provides direct access to IBM development resources • Samples and modules updated with each Worklight release • Ability to search for known issues or answers © 2013 IBM Corporation
    58. 58. 69 Marco Dragoni © 2013 IBM Corporation