Logon Screen Configuration Options

To change the behavior of MAFLogonManagerNG, adjust the feature and default values configuration files at build time. The plist format configuration files are located in the MAFLogonManagerNG.bundle folder. plist is an XML format that can be adjusted in Xcode or in any text editor.

Feature Configuration

To change the behavior of the component, adjust the MAFLogonManagerOptions.plist file, which is in the MAFLogonManagerNG bundle folder in your project.

Key Value Type Description Default Value
keyMAFUrlSchemeForAfaria String Changes the default URL Scheme of the Afaria application. EMPTY
keyMAFUseAfaria BOOL

Determines whether to use Afaria.

NO - the Afaria client application is not called, even if it is present on the iOS device

YES - Afaria client application is always called.

 YES

You can also declare resources with the MAFLogonUIOptions.plist feature configuration, which is in the MAFLogonUING bundle.

Key Value Type Description Default Value
keyMAFLogonUseFlowMode BOOL YES - Logon Core tries to find a suitable communicator implementation for the infrastructure used. It analyses the input provided by the user and triggers test requests to test the various onboarding scenarios. YES
keyMAFLogonAllowAutomaticSecureStoreCreation BOOL Whether to allow the creation of the secure store automatically.

NO - the secure store should be provided/created before the logon component is initialized.

 YES
keyMAFLogonUseSplashScreen BOOL Determines whether to present splash screen when logon operation is called for the first time. YES
keyMAFLogonOperationContextHideRegistrationFields BOOL Defines which fields to show on the resgistratoin screen. Multiple values

Default Values Configuration

The MAFLogonManagerNG.bundle folder contains the MAFLogonOperationContextDefaultValues.plist file, which declares the configuration structure. The plist defines the keys that are used to set default values for the logon scenarios. keyMAFLogonOperationContextDefaultValues is the main key in the default values dictionary. The only screen that supports default values is the registration screen.You can set the default values for the registration screen can be set in the idMAFLogonOperationContextTypeRegister key. Use these keys to set default values for the individual input fields:
Key Value Type Description Default Value
keyMAFLogonOperationContextServerPortNonSecure Number Non secure port 8000
keyMAFLogonOperationContextServerPortSecure Number Secure port 443
keyMAFLogonOperationContextServerHost String Server host name without protocol or port or suffixes EMPTY
keyMAFLogonOperationContextServerPort Number Server port EMPTY
keyMAFLogonOperationContextIsHttps BOOL Whether to use secure channel YES
keyMAFLogonOperationContextServerDomain String The default domain to use. Only used when an SAP Mobile Platform server is present. The domain separation should be supported by the used SAP Mobile Platform server. default
keyMAFLogonOperationContextFarmId String The default farm ID name to be used if a Relay server is included. EMPTY
keyMAFLogonOperationContextSecurityConfig String The default security configuration name to use. EMPTY
keyMAFLogonOperationContextGatewayClient String The default sap-client to be used when communicating with the GW. EMPTY
keyMAFLogonOperationContextGatewayPingPath String The default GW ping path to be used. sap/bc/ping
keyMAFLogonOperationContextResourcePath String The default path to be used for routing through the reverse proxy if any exists EMPTY
keyMAFLogonOperationContextBackendUserName String The default GW username to be used EMPTY
keyMAFLogonOperationContextPasswordPolicy Dictionary The default password policy to apply if no server side policy was provided. Default password policy
To set these values, use a code similar to this:
//replace this with your way of accessing MAFLogonUIViewManager->NSObject<MAFLogonNGPublicAPI> (the logon manager public API)
NSMutableDictionary* defaultValues = [logonUIViewManager.logonManager defaultValues]; 

NSMutableDictionary* contextDefaultValues = [defaultValues objectForKey:@"keyMAFLogonOperationContextDefaultValues"];
NSMutableDictionary* registerContextType = [contextDefaultValues objectForKey:@"idMAFLogonOperationContextTypeRegister"];

[registerContextType setObject:@"300" forKey:@" keyMAFLogonOperationContextGatewayClient"];

[defaultValues setObject:contextDefaultValues forKey:@"keyMAFLogonOperationContextDefaultValues"];

Integrating Directly with Logon Manager

MAFLogonManagerNG is an Objective-C library that you can integrate with any UI implementation. MAF includes a default native Logon UI, but you can also build your own UI.

This image shows a possible architecture of an application integrating directly with MAFLogonManagerNG without using MAFLogonUING:


Logon Architecture
You can integrate your own UI solution through the MAFLogonMediator by implementing your own LogonUIViewManager. This is similar to using the default MAFLogonUING implementation, because MAFLogonManagerNG uses context objects to construct the UI: 
#import <UIKit/UIKit.h>

@protocol MAFLogonNGPublicAPI;
@protocol MAFLogonUICustomizationDelegate;

/**
 This class handles the navigation between the screens
 */
@interface MAFLogonUIViewManager : NSObject <MAFLogonUIViewManaging, MAFLogonUIViewManagingDelegate>

/**
 The logonMediator where the operations can be initiated. One has to set up the @see logonDelegate to be notified about the result of the operations
 */
@property (readonly) NSObject<MAFLogonNGPublicAPI> *logonMediator;

/**
 The actually presented viewController of the application. This will be used to present the logon related screens.
 */
@property (nonatomic, retain) UIViewController* parentViewController;
The LogonUIViewManager must store a reference to the LogonMediator and the presenting ViewController. The second property presents or dismisses a modal view. To initialize LogonUIViewManager, use:
- (id)init {
    self = [super init];
    if (self) {
        self.logonMediator = [[MAFLogonMediator alloc] init];
        self.logonMediator.logonUIViewManager = self;
    }
    return self;
}

To execute a logon operation, call:

- (IBAction)logonButtonTapped:(id)sender {
	[logonUIViewManager.logonManager logon];
}
MAFLogonManagerNG responds to the request through the MAFLogonUIViewManaging interface: 
#pragma mark - MAFLogonUIViewManaging methods

-(void) showViewWithUIContext:(NSMutableDictionary *)aUIContext{
    if([[NSThread currentThread] isMainThread]){
        [self doShowViewWithUIContext:aUIContext];
    }
    else{
        dispatch_sync(dispatch_get_main_queue(), ^{
            [self doShowViewWithUIContext:aUIContext]; //do your custom UI building here!
        });
    }
}
- (void) operationRespondsWithOperationContext:(NSMutableDictionary *)anOperationContext error:(NSError *)anError {
    [currentViewManager operationRespondsWithOperationContext:anOperationContext error:anError];
}
-(void) closeUI {
    [currentViewManager release];
    currentViewManager = nil;
    currentOperationContextType = @"";
    
    [[self baseViewController] popToRootViewControllerAnimated:NO];
    [self.parentViewController dismissViewControllerAnimated:YES completion:^(void){
    }];
}

#pragma mark - MAFLogonUIViewManaging
- (void) operationRespondsWithOperationContext:(NSMutableDictionary *)anOperationContext error:(NSError *)anError {
    [self hideActivityIndicator];
    if (anError != nil && anError.code!=0) {
        [self presentError:anError];
    }
}

Supported Onboarding Scenarios

The MAFLogonManagerNG supports multiple onboarding scenarios, based on the most common infrastructure setups supported by enterprise mobile applications. The company IT of the customer can have SAP Mobile Platform installed and use relay server to route Internet requests to intranet-hosted Gateway systems. Another possibility is to have SAP Mobile Platform, but replace the relay server with IIS or Apache and use it as a reverse proxy.

Logon Method Selection

MAFLogonManagerNG determines the target infrastructure, which can be SAP Mobile Platform or Gateway. It uses this logic:


Logon Method Selection

The operation context object, which contains all information entered by the end user, passes the information to MAFLogonManagerNG. Based on the information, MAFLogonManagerNG decides whether the device user wants to use SAP Mobile Platform server. If the user provides a farm ID , the logon manager constructs and sends an SAP Mobile Platform server communicator-based test request.

Based on the test request response headers, code and cookies, the logon manager decides to use one of these scenarios:
  • Direct Gateway
  • Direct SAP Mobile Platform server
  • SAP Mobile Platform server with relay server
  • SAP Mobile Platform server with third-party reverse proxy
If none of these scenarios are true, MAFLogonManagerNG cannot identify the communicator, and generates an error message.

Additionally, MAFLogonManagerNG searches for any information in the context and selects a method based on all of this information. The context can have default values that are configured by the application developer.

Success and Failure Handling

Onboarding consists of two steps. The first is registration, where MAFLogonManagerNG uses input from the device user to contact the server and register. If this step is successful, your application can send requests to the GW server and obtain data. The second step is to create a data vault on the user device, in which to securely store user credentials and other sensitive information. The data vault must be secured with a passcode and satisfy the requirements of the password policy.

Both of these steps can generate success and failure messages. Error messages are identified by an error code and an error domain, which fits into the iOS error message handling method. You can find definitions for error messages and error codes in the MAFLogonManagerNGErrors.h header file. 
#define kErrorDomainLogonManager @"MAFLogonManagerNGErrorDomain"

#define errMAFLogonManagerErrorOperationCancelled           0
#define errMAFLogonManagerErrorInvalidParameter             1
#define errMAFLogonManagerErrorInvalidOperationCode         2
#define errMAFLogonManagerErrorCommunicationManagerError    3
#define errMAFLogonManagerErrorUserAlreadyLoggedIn          4
#define errMAFLogonManagerErrorOperationExecutionInProgress 5
#define errMAFLogonManagerErrorInvalidOperationContext      6
#define errMAFLogonManagerErrorInvalidCommunicatorId        7
#define errMAFLogonManagerErrorInvalidActionItemId          8
#define errMAFLogonManagerErrorCouldNotDecideCommunicator   9
#define errMAFLogonManagerErrorPasswordsNotEqual            10
#define errMAFLogonManagerErrorOperationNotAllowed          11
#define errMAFLogonManagerErrorInvalidServerHost            12
#define errMAFLogonManagerErrorInvalidBackendPassword       13
#define errMAFLogonManagerErrorPasscodeChangeNotEnabled     14
#define errMAFLogonManagerErrorUploadTraceFailed            15
Parent topic: Developing with MAF Logon