Show TOC

Provisioning Applications Using Mobile PlaceLocate this document in the navigation structure

You can provision iOS, Android, and Windows 8.1 applications on SAP HANA Cloud Platform mobile services through Mobile Place. Describes how to enable Mobile Place, and provides sample authentication configuration data.

Using the cockpit in SAP HANA Cloud Platform mobile services, you can directly publish the configuration for an application to Mobile Place, without needing to manually pass that data. However, it may be useful to understand the format of the configuration data that is sent. To enable your application to use Mobile Place, set mobilePlace to true in the Logon context in index.html in the application's www folder.

To view or troubleshoot your application:

  1. Log into your SAP HANA Cloud Platform account.
  2. View the Java application.
  3. On the Logging page, view the HTTP Access Log.
  4. View the HTTP request information.
For information on SAP HANA Cloud Platform mobile services, see Administrator in SAP HANA Cloud Platform mobile services.
For information on Mobile Place, see the Mobile Secure Administration Guide.
Security Assertion Markup Language (SAML) Configuration

Kapsel supports SAML authentication for iOS and Android clients on SAP HANA Cloud Platform. When Mobile Place is enabled, SAML configuration items are automatically included in the registration context to enable SAML authentication during logon.

The following is a sample of the configuration data for registering an application with SAML authentication:

Post data:

{
host: "ciatjavahanamobile-example.neo.ondemand.com",
port: 443,
protocol: "https",
mobilePlace: "true",
auth: [
{
type: "saml2.web.post",
config: {
saml2.web.post.authchallengeheader.name: "com.sap.cloud.security.login",
saml2.web.post.finish.endpoint.uri: "/SAMLAuthLauncher",
saml2.web.post.finish.endpoint.redirectparam: "finishEndpointParam"
}
}
]
}

Use the registered email domain to retrieve the configuration for the application.

The endpoint URL can be an absolute path or a relative path. If the URL starts with "https://' or "http://", then it is an absolute path. If it is a relative path, then add the host and port number to get the full path. A relative path must start with a leading /, for example:

 "saml2.web.post.finish.endpoint.uri": "/SAMLAuthLauncher",
Note

The request response in Windows Hybrid SDK (Kapsel) applications through SAML is not supported.

Basic Authentication Configuration

The following is a sample of the configuration data for registering an application with basic authentication:

Post data:

{"host":"ciatjavahanamobile-example.neo.ondemand.com",
 "port":8081,
  "protocol":"https"
}

Use the registered email domain to retrieve the configuration for the application.

To validate the Mobile Place configuration on the Mobile Place server, select the GET GetApplicationConfiguration item from Postman, and update the appConfigID and email address. Send the request and verify that post data is returned.

Client Certificate Registration Configuration

The following is a sample of the configuration data for registering an application with client certificate authentication:

Post data:

{
    "auth": [
            { 
                    "type" : "certificate.sdkprovider",
                    "config" : {
                        "certificate.sdkprovider.*" : "X509FileCertificateProvider"
                    }
         }
    ],
    "host":"ciatjavahanamobile-example.neo.ondemand.com",
    "port":8082,
    "protocol":"https"
}

Use the registered email domain to retrieve the configuration for the application.