[Aerogear-users] Mobile SSO - web brower+ native iOS

Corinne Krych corinnekrych at gmail.com
Thu Dec 3 03:46:54 EST 2015

Hi Jeff

To share OAuth2 tokens between Cordova app and iOS native app on a same
mobile, I'd use the Keychain sharing mechanism. I wrote a blog about
Keychain sharing between iOS mobile app and its extension [1]. The idea is
similar here.

I think more work is needed on push plugin to make it more extendable and
allow the generation of the required Entitlements.plist file [2]. @Erik can
talk more about it and obviously PR are welcome.

Last but not least, for security reason, Keychain sharing is allowed only
between apps signed by a same organisation.

[2] http://shaune.com.au/ios-keychain-sharing-data-between-apps/

On 3 December 2015 at 09:07, Matthias Wessendorf <matzew at apache.org> wrote:

> Hi Jeff,
> sorry for the late response, but did you checkout keycloak project ? The
> AeroGear team did do OAuth2 libs for Keycloak, as described here:
> https://aerogear.org/docs/guides/security/oauth2-guide/
> Keycloak itself has also support for web apps (e.g. the UPS is protected
> by it)
> HTH,
> Matthias
> On Fri, Nov 27, 2015 at 11:49 AM, jeffpower78 <jeffpower78 at gmail.com>
> wrote:
>> we have a situation where users have applications  both html5 based web
>> and
>> also native iOS apps accessing from iPads
>> The requirement is that users access the web based application within a
>> iPad, which will be redirected to central server for login.
>> Once user logins, next time, if the same user just tap on the native app
>> within the same device, it should not again prompt for userid/password,
>> rather SSO takes care of it
>> We need to design  so that users can toggle back and forth among mobile
>> browser apps and mobile apps.
>> This is ideal for agents, sales reps, who to need to switch quickly among
>> programs while on the go.,
>> Would like to know - is this something aerogear security supports please
>> or
>> any suggestion, advice?
>> Thanks and Regards
>> Jeff
>> --
>> View this message in context:
>> http://aerogear-users.1116366.n5.nabble.com/Mobile-SSO-web-brower-native-iOS-tp312.html
>> Sent from the aerogear-users mailing list archive at Nabble.com.
>> _______________________________________________
>> Aerogear-users mailing list
>> Aerogear-users at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-users
> --
> Matthias Wessendorf
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
> _______________________________________________
> Aerogear-users mailing list
> Aerogear-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-users/attachments/20151203/173b47d7/attachment.html 

More information about the Aerogear-users mailing list