<div dir="ltr">Hi Jeff<div><br></div><div>To share OAuth2 tokens between Cordova app and iOS native app on a same mobile, I'd use the Keychain sharing mechanism. I wrote a blog about Keychain sharing between iOS mobile app and its extension [1]. The idea is similar here.</div><div><br></div><div>I think more work is needed on push plugin to make it more extendable and allow the generation of the required Entitlements.plist file [2]. @Erik can talk more about it and obviously PR are welcome.</div><div><br></div><div>Last but not least, for security reason, Keychain sharing is allowed only between apps signed by a same organisation.</div><div><br></div><div>++</div><div>Corinne</div><div>[1] <a href="http://corinnekrych.blogspot.fr/2015/01/sharing-keychain-access-in-share.html">http://corinnekrych.blogspot.fr/2015/01/sharing-keychain-access-in-share.html</a></div><div>[2] <a href="http://shaune.com.au/ios-keychain-sharing-data-between-apps/">http://shaune.com.au/ios-keychain-sharing-data-between-apps/</a></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 3 December 2015 at 09:07, Matthias Wessendorf <span dir="ltr"><<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Jeff,<div><br></div><div>sorry for the late response, but did you checkout keycloak project ? The AeroGear team did do OAuth2 libs for Keycloak, as described here:</div><div><a href="https://aerogear.org/docs/guides/security/oauth2-guide/" target="_blank">https://aerogear.org/docs/guides/security/oauth2-guide/</a><br></div><div><br></div><div>Keycloak itself has also support for web apps (e.g. the UPS is protected by it)<br></div><div><br></div><div>HTH,</div><div>Matthias</div></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">On Fri, Nov 27, 2015 at 11:49 AM, jeffpower78 <span dir="ltr"><<a href="mailto:jeffpower78@gmail.com" target="_blank">jeffpower78@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">we have a situation where users have applications both html5 based web and<br>
also native iOS apps accessing from iPads<br>
<br>
The requirement is that users access the web based application within a<br>
iPad, which will be redirected to central server for login.<br>
Once user logins, next time, if the same user just tap on the native app<br>
within the same device, it should not again prompt for userid/password,<br>
rather SSO takes care of it<br>
<br>
We need to design so that users can toggle back and forth among mobile<br>
browser apps and mobile apps.<br>
This is ideal for agents, sales reps, who to need to switch quickly among<br>
programs while on the go.,<br>
<br>
Would like to know - is this something aerogear security supports please or<br>
any suggestion, advice?<br>
<br>
Thanks and Regards<br>
Jeff<br>
<br>
<br>
<br>
--<br>
View this message in context: <a href="http://aerogear-users.1116366.n5.nabble.com/Mobile-SSO-web-brower-native-iOS-tp312.html" rel="noreferrer" target="_blank">http://aerogear-users.1116366.n5.nabble.com/Mobile-SSO-web-brower-native-iOS-tp312.html</a><br>
Sent from the aerogear-users mailing list archive at Nabble.com.<br>
_______________________________________________<br>
Aerogear-users mailing list<br>
<a href="mailto:Aerogear-users@lists.jboss.org" target="_blank">Aerogear-users@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-users" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-users</a><br>
</blockquote></div><br><br clear="all"><div><br></div></div></div><span class="HOEnZb"><font color="#888888">-- <br><div>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a></div>
</font></span></div>
<br>_______________________________________________<br>
Aerogear-users mailing list<br>
<a href="mailto:Aerogear-users@lists.jboss.org">Aerogear-users@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-users" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-users</a><br>
<br></blockquote></div><br></div>