mobile user authentication with on premise ldap server
play

Mobile User Authentication with On-Premise LDAP Server / Social - PowerPoint PPT Presentation

Jul 03, 2023 •277 likes •501 views

Mobile User Authentication with On-Premise LDAP Server / Social Login using IBM Mobile Foundation My My W Ward wh what is t is th the a app a about Ser Servi vices ces used used IBM Mobile Foundation V8 {API} Mo

  1. Mobile User Authentication with On-Premise LDAP Server / Social Login using IBM Mobile Foundation

  2. ‘My ‘My W Ward’ ’ – wh what is t is th the a app a about

  3. Ser Servi vices ces used used

  4. IBM Mobile Foundation V8 {API} Mo Mobile optimized Backe Ba kend logic and Ap App Lifecycle RE REST APIs enter ent erprise e Management Ma Of Offline Sync Ma Manage Feature in integratio ion wi with on Release using Live Re De Device data Up Update IT Business Operations AI AI Model Distribution Teams Teams Mobile Mo Adapter auto Ad Projects Pr ge generation on f for or a any Co Comprehensive Ba Backe kend RE REST Se Security and Cloud and ud Mobile Mo Fu Function ons A APIs Is Development Analytics with An Adapters for Ad Ri Rich Push Crash and Cr Cognitive services Co notificat no cation Flexible Hosting Choice Alert Al SDKs SD Ks Mo Mobile Digital App Builder Di Starter Pr St Projects, Fo Found undation n Dev Re Ready Apps, and Admin CLIs an Is Sa Samp mples

  5. IBM Mobile Foundation Architecture Web Server to host We Web artif ifacts Backend /api Mobile Foundation V8 Se Secured Mobile Adapters rs RE REST ST APIs App App Backend layer) On On-pr prem HT HTTP • Se Serve vers el API End points Microservice la App Au Ap Authenticity § Cl Cloudant • REST anno RE nnotated § App Checks Ap ksum § Cogniti tive • Java Ja MF Clie MF lient Devi De vice § /api servi se rvices Ja Javascript § white telist/ t/blackl klist SDK SDKs Cogniti tive NLU & • De Define sc scopes s § Certi tificate te pinning § Conversati tion and polici an cies es check ch ecks Open Whisk Op • Auto-Gen Au Gen § API Gateway (Mi App lifecycle, Versio Ve ion enforce § Rules Rule framework fr crash analytics, annel Authoriza zation § Server Se security, push, chan app authenticity Omni-ch events on on Ana nalyt ytics Offl Offline Sync Push ush Om API Cloud Cl oud Di Direct & Toolin Tooling Consol Console App Distribution Ap Li LiveU eUpdate ate Rich Ric h CLI LI • /api Platform Services RMAD* RM • St Standalone server • /api Samples, SD Sa SDKs • CI/CD DevOps PLAN DEV BUILD TEST DEPLOY PROD

  6. Ba Base pattern – Hyb Hybrid id m mobile ap ile app wit with clo cloud n nat ative b ive back acken end Code - https://github.com/IBM/Ionic-Mobile Foundation-App/

  7. Mo Mobi bile User Au Auth thenti ticati tion pa patte ttern – bu built t on ba base pa patte ttern

  8. Components setup 1. Create Cloudant database and populate it with sample data 2. Create IBM Cloud Object Storage service and populate it with sample data 3. Setup LDAP server and Secure Gateway Client 4. Register Android App with Google and Facebook for Social Login

  9. Architecture flow diagram

  10. this.fb.login(['public_profile', 'user_friends', 'email']) Sign-in service .then(res => { if(res.status === "connected") { …. 2 var accessToken = res.authResponse.accessToken; … Provider Cloud CLOUDANT OBJECT 3 Maps STORAGE SDK Mobile Foundation SDK 1 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter facebooklogin()

  11. Sign-in service Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK 4 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter WLAuthorizationManager.login(this.securityCheckNameSocial, credentials)

  12. Validate the accesstoken HTTPS GET https://graph.facebook.com/ Sign-in service 5 Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter

  13. Sign-in service Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK 6 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter Receive the authenticated user information from the securitycheck

  14. @GET @OAuthSecurity(scope = "socialLogin") Sign-in service @Path("/socialLogin") @Produces("application/json") public Response getAllEntries_sl() throws Exception { … } Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation 7 SDK SDK MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter

  15. @GET Sign-in service @OAuthSecurity(scope = "socialLogin") @Path("/socialLogin/objectStorage") @Produces("application/json") public Response getObjectStorageAccess_sl() throws Exception { … } Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation 8 SDK SDK MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter

  16. Mobile app initializes image-caching plugin Uses the authorization token to fetch the images from Object storage. Mobile app displays the data obtained Sign-in service from MFP adapter as a list of items. The image caching plugin running on the mobile app downloads and caches images from Cloud Object Storage. Provider Cloud 9 CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK 10 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter

  17. Sign-in service 2 5 Provider Cloud 9 CLOUDANT OBJECT 3 Maps STORAGE 6 7 8 SDK 10 Mobile Foundation SDK MOBILE FOUNDATION User Ionic application Social Login Resource 4 security check Adapter

  18. <property name="ldapURL" defaultValue="ldap://caplons.integration.ibmcloud.com:11111" displayName="The LDAP Server URL"/> Provider Cloud Customer Data center CLOUDANT OBJECT Maps STORAGE 6 Mobile Foundation 5 7 SDK 4 8 Secure Enterprise Gateway LDAP Server Client SECURE GATEWAY 3 2 1 MOBILE FOUNDATION User Ionic application LDAP security Resource login() check Adapter WLAuthorizationManager.login(this.securityCheckName, {'username':username, 'password':password})

  19. Demo

  20. Resources - Links 1. DevOps with Mobile Foundation 2. In App Feedback for obtaining direct feedback from end users 3. PWA Support 4. React Native SDK 5. Security Capabilities 6. Offline Sync 7. Low code App Development • Other Useful Links v Industry Ready Apps v Mobile Blogs v Dev Center v Stack Overflow v Slack v Get Help

  21. Resources – Code Patterns 1. Develop a hybrid mobile app with a cloud-native back end https://developer.ibm.com/patterns/develop-hybrid-mobile-app-with-cloud-native-back-end/ https://github.com/IBM/Ionic-MFP-App/ 2. Secure mobile offline synchronization https://developer.ibm.com/patterns/secure-offline-synchronization-ibm-mobile-foundation/ https://github.com/IBM/MFP-JSONStore-OfflineSync 3. Mobile User Authentication with On-premise LDAP Server/Social Login using Mobile Foundation https://developer.ibm.com/patterns/implementing-mobile-user-authentication https://github.com/IBM/MFP-Auth-LDAP/ 4. Tag-based push notifications using IBM Mobile Foundation https://github.com/IBM/tag-based-push-notifications

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

GESTURE-BASED USER AUTHENTICATION FOR MOBILE DEVICES Dennis Guse Quality and Usability Labs, TU

GESTURE-BASED USER AUTHENTICATION FOR MOBILE DEVICES Dennis Guse Quality and Usability Labs, TU

GESTURE-BASED USER AUTHENTICATION FOR MOBILE DEVICES Dennis Guse Quality and Usability Labs, TU Berlin 1 AUTHENTICATION ON MOBILE DEVICES Mobile Devices Interaction style Limitations 2 GESTURE-BASED USER AUTHENTICATION Personalized

239 views • 13 slides
External Authentication with Percona Server for MongoDB and MongoDB Enterprise Jason Terpko DBA

External Authentication with Percona Server for MongoDB and MongoDB Enterprise Jason Terpko DBA

External Authentication with Percona Server for MongoDB and MongoDB Enterprise Jason Terpko DBA @ Rackspace/ObjectRocket linkedin.com/in/jterpko 1 Overview Percona Server For MongoDB o SASL and LDAP o MongoDB Enterprise o Kerberos and

430 views • 25 slides
UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity System UCSBnetID authentication UCSB-wide student and employee info http://www.identity.ucsb.edu/ LDAP Overview Lightweight Directory Access Protocol

604 views • 24 slides
LDB and the LDAP server in Samba4 Simo Sorce Samba Team idra@samba.org simo.sorce@quest.com

LDB and the LDAP server in Samba4 Simo Sorce Samba Team idra@samba.org simo.sorce@quest.com

LDB and the LDAP server in Samba4 Simo Sorce Samba Team idra@samba.org simo.sorce@quest.com http://www.samba.org/~idra What is LDB ? LDB is an LDAP-like database interface LDAP-like data model support LDAP like search expressions but it

1.03k views • 24 slides
Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP LDAP Servers Information Structure Protocol Overview LDAP operations UNDERSTANDING LDAP LDAP stands for Lightweight Directory Access

268 views • 12 slides
SER Authentication with Radius and LDAP Nimal Ratnayake &lt;nimalr@learn.ac.lk&gt; Lanka

SER Authentication with Radius and LDAP Nimal Ratnayake &lt;nimalr@learn.ac.lk&gt; Lanka

SER Authentication with Radius and LDAP Nimal Ratnayake &lt;nimalr@learn.ac.lk&gt; Lanka Education and Research Network (LEARN) and Department of Electrical &amp; Electronic Engineering, University of Peradeniya 1 SER Authentication

1.03k views • 22 slides
Securing Next- generation Mobile Platf orms: The User- to- Device Authentication I ssue MPSoC

Securing Next- generation Mobile Platf orms: The User- to- Device Authentication I ssue MPSoC

Securing Next- generation Mobile Platf orms: The User- to- Device Authentication I ssue MPSoC (August 2006) Srivaths Ravi (Email: sravi@nec- labs. com) NEC Laboratories America Princeton, NJ Security Requirements of Mobile Appliances

159 views • 12 slides
Authentication CS 4720 Mobile Application Development CS 4720 System Security Human:

Authentication CS 4720 Mobile Application Development CS 4720 System Security Human:

Authentication CS 4720 Mobile Application Development CS 4720 System Security Human: social engineering attacks Physical: steal the server itself Network: treat your server like a 2 year old Operating System: the war

574 views • 22 slides
Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR

Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR

Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR CONSULTANTS www.XFactorConsultants.com User Authentication (Auth) The methods by which a web app verifies the identity of a user and limits their

334 views • 8 slides
SCRAM in LDAP Better Password-based Authentication Kurt Zeilenga Isode Limited What is SCRAM?

SCRAM in LDAP Better Password-based Authentication Kurt Zeilenga Isode Limited What is SCRAM?

SCRAM in LDAP Better Password-based Authentication Kurt Zeilenga Isode Limited What is SCRAM? S alted C hallenge R esponse A uthentication M echanism SCRAM-SHA-1-PLUS An improved SASL mechanism for password authentication of the

469 views • 31 slides
For System Integrators The Connect2id mantra Your users Your UIs / UX Your rules Your premise

For System Integrators The Connect2id mantra Your users Your UIs / UX Your rules Your premise

For System Integrators The Connect2id mantra Your users Your UIs / UX Your rules Your premise / cloud You are in control Top integration concerns of enterprises authz logic user authentication + shape explicit / implicit consent + plug-in

714 views • 28 slides
Information Security Identification and authentication Advanced User Authentication I 2016-01-26

Information Security Identification and authentication Advanced User Authentication I 2016-01-26

Information Security Identification and authentication Advanced User Authentication I 2016-01-26 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for this part of the course Background Statistics in user authentication Biometric systems

865 views • 40 slides
Information Security Identification and authentication Advanced User Authentication I 2019-02-01

Information Security Identification and authentication Advanced User Authentication I 2019-02-01

Information Security Identification and authentication Advanced User Authentication I 2019-02-01 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for this part of the course Background Statistics in user authentication Biometric systems

573 views • 32 slides
Information Security Identification and authentication Advanced User Authentication I 2018-02-02

Information Security Identification and authentication Advanced User Authentication I 2018-02-02

Information Security Identification and authentication Advanced User Authentication I 2018-02-02 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for this part of the course Background Statistics in user authentication Biometric systems

568 views • 41 slides
User Authentication Passport Jason Situ Passport What is it? Passport is authentication

User Authentication Passport Jason Situ Passport What is it? Passport is authentication

User Authentication Passport Jason Situ Passport What is it? Passport is authentication middleware for Node. It is designed to serve a singular purpose: authenticate requests. Supports a comprehensive set of authentication mechanisms called

808 views • 16 slides
Security with LDAP Andrew Findlay Skills 1st Ltd www.skills-1st.co.uk February 2002

Security with LDAP Andrew Findlay Skills 1st Ltd www.skills-1st.co.uk February 2002

Security with LDAP Andrew Findlay Skills 1st Ltd www.skills-1st.co.uk February 2002 andrew.findlay@skills-1st.co.uk Security with LDAP Applications of LDAP White Pages NIS (Network Information System) Authentication

257 views • 15 slides
Specifying Kerberos 5 Cross-Realm Authentication Chris Walstad Joint work with Iliano Cervesato,

Specifying Kerberos 5 Cross-Realm Authentication Chris Walstad Joint work with Iliano Cervesato,

Specifying Kerberos 5 Cross-Realm Authentication Chris Walstad Joint work with Iliano Cervesato, Aaron D. Jaggard, Andre Scedrov Supported by ONR, NSF, NRL Overview Introduction Kerberos 5 Formalization Properties

454 views • 24 slides
Authentication and technology Secure Communication people Jeff Chase Duke University Where

Authentication and technology Secure Communication people Jeff Chase Duke University Where

Authentication and technology Secure Communication people Jeff Chase Duke University Where are the boundaries of the system that you would like to secure? Where is the weakest link? What happens when the weakest link fails? The First

574 views • 10 slides
CS 4803 Computer and Network Security Servers Users How do users prove their identities when

CS 4803 Computer and Network Security Servers Users How do users prove their identities when

Many-to-Many Authentication ? CS 4803 Computer and Network Security Servers Users How do users prove their identities when requesting services from machines on the network? Alexandra (Sasha) Boldyreva Nave solution: every server knows

217 views • 5 slides
CVMFS for Data Federations Derek Weitzel University of Nebraska - Lincoln Problem with Data

CVMFS for Data Federations Derek Weitzel University of Nebraska - Lincoln Problem with Data

CVMFS for Data Federations Derek Weitzel University of Nebraska - Lincoln Problem with Data Federations Users must know the exact filenames for each job. They have to use special tools they are unfamiliar with in order to use it (such

408 views • 18 slides
Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding

Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding

Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding COMP4631 L16 1 Agenda Distributed system security Introduction to Kerberos V4 Kerberos Realms Authentication with Kerberos in Windows NT 5

751 views • 30 slides
S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property

S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property

S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property unencumbered, easily explained, provably secure, pseudonymous, 2-party, web domain based, authenticated identity solution, including complete identity

840 views • 38 slides
Getting web authentication right Joseph Bonneau jcb82@cl.cam.ac.uk Security Protocols Workshop

Getting web authentication right Joseph Bonneau jcb82@cl.cam.ac.uk Security Protocols Workshop

Getting web authentication right Joseph Bonneau jcb82@cl.cam.ac.uk Security Protocols Workshop March 28, 2011 J. Bonneau (U. of Cambridge) Getting web authentication right March 28, 2011 1 / 14 A parable of obsolescent technology Credit:

256 views • 22 slides
04832250 Computer Networks (Honor Track) A Data Communication and Device Networking

04832250 Computer Networks (Honor Track) A Data Communication and Device Networking

04832250 Computer Networks (Honor Track) A Data Communication and Device Networking Perspective A Data Communication and Device Networking Perspective Module 6: Network Security Prof. Chenren Xu Center for Energy-efficient

532 views • 49 slides

More recommend