SAP Single Sign-on and Online Data Proxy Overview

Understand how OData applications fit in the SAP Mobile Platform landscape, and learn how to secure communication paths and enable single sign-on (SSO) for these applications.

The proxy connector is the Online Data Proxy (ODP) connector between OData applications and the SAP Gateway. It uses an HTTP or HTTPS connection from SAP Mobile Server to the SAP Gateway. The SAP Gateway uses a separate HTTP or HTTPS port to push changes through SAP Mobile Server to the OData application. SAP Mobile WorkSpace is not used to create MBOs, generate code, create applications, or deploy them. Instead, for OData-based mobile applications that run in SAP Mobile Server, SAP Mobile Server acts as a pass-through server.

ODP Data Flow

  1. An OData client application registers with SAP Mobile Server and subscribes to push notifications from the SAP Gateway. SAP Mobile Server forwards the subscription request to the SAP Gateway. The SAP Gateway stores the subscription request for the collection with the push delivery address (HTTP(S) SSL port).

    In an SSO configuration, the client provides credentials to SAP Mobile Server (user name and password, or X.509 user certificate) that are authenticated by the security configuration's authentication module (CertificateAuthenticationLoginModule for X.509 or HttpAuthenticationLoginModule for SSO2). Once authenticated by SAP Mobile Server, and assuming that SAP Mobile Server and the SAP Gateway have a secure communication path, SSO is enabled.

  2. When application data changes in SAP and a particular client is determined to have a subscription to that change, the Gateway connects to the SAP Mobile Server HTTP(S) port and sends a message identifying the client, along with the message payload. SAP Mobile Server looks up the client and queues the message. If the client is connected, the message is delivered immediately. If the client is offline, SAP Mobile Server attempts to send a push notification to the client (BES HTTP Push for BlackBerry, APNS notification for iOS) to wake up the client and have it retrieve the messages.
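
The SSO preconditions described above (one of the named login modules, plus a secure path between SAP Mobile Server and the SAP Gateway) can be checked with a small audit. This is an added example, not SAP code: the landscape dictionary, its keys, host names and ports are hypothetical, and it assumes that HTTPS is the minimum for a secure path and that the push direction should meet the same bar as the proxy connection.

```python
from urllib.parse import urlsplit

# Login modules the page names for SSO, and the client credential each expects.
SSO_LOGIN_MODULES = {
    "CertificateAuthenticationLoginModule": "X.509 user certificate",
    "HttpAuthenticationLoginModule": "user name and password (SSO2)",
}

def _path_issue(label, url):
    """Return a finding if the URL is not a usable HTTPS endpoint, else None."""
    parts = urlsplit(url or "")
    if not parts.hostname:
        return f"{label}: no usable URL configured ({url!r})"
    scheme = parts.scheme.lower()  # schemes are case-insensitive
    if scheme != "https":
        return f"{label}: uses {scheme}, traffic is not protected by TLS"
    return None

def audit_odp_sso(landscape):
    """Check a hypothetical landscape description against the SSO preconditions."""
    findings = []
    module = landscape.get("login_module")
    if module not in SSO_LOGIN_MODULES:
        findings.append(f"login module {module!r} is not one of the SSO modules")
    # Path 1: SAP Mobile Server -> SAP Gateway (ODP proxy connection).
    # Path 2: SAP Gateway -> SAP Mobile Server (push delivery address).
    for label, key in (("proxy connection", "gateway_url"),
                       ("push delivery address", "push_url")):
        issue = _path_issue(label, landscape.get(key))
        if issue:
            findings.append(issue)
    return findings

# Constructed sample landscapes; host names, ports and paths are placeholders.
WEAK = {
    "login_module": "SomeOtherLoginModule",
    "gateway_url": "http://gateway.example.test:8000/odata",
    "push_url": "HTTPS://mobile.example.test:8004/push",
}
HARDENED = {
    "login_module": "CertificateAuthenticationLoginModule",
    "gateway_url": "https://gateway.example.test:8443/odata",
    "push_url": "https://mobile.example.test:8004/push",
}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_odp_sso(cfg) or "SSO preconditions met")
```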