Cordova Hybrid app integration with Siteminder Protected REST resource

半世苍凉 提交于 2019-12-06 11:23:50

Finally I have been able to get it working with the following approach:

  1. All the REST resources URL must be protected by siteminder.
  2. Define a GET service which is also a protected resource and will be used for initiating the siteminder session. e.g

    @Context private HttpServletRequest httpRequest;
    
    @GET  
    @Path("/OAMSSO")
    @Produces(MediaType.APPLICATION_JSON)
    public Response getOAMSSO() {
    URI uri = null;  UriBuilder uriBuilder = null;
    String redirectHost = "https://localhost/callback";     
    uri = uriBuilder.queryParam("statusCode", "100")
                    .queryParam("authenticated", "true")
                    .queryParam("userName",                              
    headers.getHeaderString("SM_USER")).build();
    return Response.seeOther(uri).build();
    

    }

  3. In your JS, the following code will initiate the siteminder SSO Authentication in an InAppBrowser. InAppBrowser is a Cordova plugin which needs to be added to your project.

cordova plugin add cordova-plugin-inappbrowser

function getParameterByName(url, name) {
  var match = RegExp('[?&]' + name + '=([^&]*)').exec(url);
  return match && decodeURIComponent(match[1].replace(/\+/g, ' '));
}

document.addEventListener("deviceReady", "onDeviceReady",false);
function onDeviceReady() {
    callOAMSSO();
}

function callOAMSSO() {     
       var url = **<<yourProtectedServiceURL>>**/OAMSSO";
       var target = '_blank';
       var options = "location=yes,toolbar=yes,clearcache=yes,clearsessioncache,enableViewportScale=yes";
       var redirectURL = "https://localhost/callback";

       var ref = cordova.InAppBrowser.open(url, target, options);

       ref.addEventListener('loadstart', loadstartCallback);
       ref.addEventListener('exit', exitCallback);

       function loadstartCallback(event) {                                       
           var url = event.url;            
           if(url.indexOf(redirectURL) > -1){
               ref.close();                
               var statusCode = getParameterByName(url, 'statusCode');
               var authenticated = getParameterByName(url, 'authenticated');
               var userName = getParameterByName(url, 'userName');

               if(statusCode && userName){
                   sessionStorage.userName = userName.toUpperCase();
                   sessionStorage.userNameisValid = "Y";               

                   setTimeout(**invokeYourFunctionForOtherTasks**, 10);
               }
            }
       }

       function exitCallback() {
           alert('Browser is closed...');
       }        
}
  1. when your app opens, an InAppBrowser will open, and will try to fetch the OAMSSO protected resource. Sicne it is siteminder protected and no session is available, the SSO page opens up in the browser where the user can put in the credentials and submit. If the credentials are successful, siteminder will add a SMSESSION cookie and then redirect to the OAMSSO REST resource. The OAMSSO REST resource extracts the siteminder authenticated username and appends as a query param to the callback method i.e redirects to localhost/callback. This is just a dummy URL to identify that the user has been authenticated by siteminder. In the JS, you can check for this URL load, extract the username and then proceed to other tasks of your application. since the siteminder session is already active, you can access other protected resources of your REST service from you app.

    Hope this helps anyone dealing with siteminder SSO authentication from Javascript.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!