This article will discuss the topic of using PicketLink SAML for mobile applications.
We will cover the following two scenarios:
Mobile HTML Applications
Mobile Native Applications
The mobile HTML applications involve the use of responsive design code with :
HTML/CSS/JS frameworks
HTML5
Server side code base (PHP/RubyOnRails/JavaEE).
The mobile HTML applications are used via:
Mobile Browser
Web Controls in Native Applications
Make the web application to be a PicketLink Service Provider with a responsive design framework.
Mobile Native Applications are usually written for Apple iOS or Android based devices. Although, you can include other native applications written for Windows, Blackberry or Nokia platforms, we restrict ourselves to Apple and Android devices in this article.
SAML based SSO is not the best solution for native applications. You are better off using a newer standard such as OpenID Connect.
If you have to incorporate SAML based SSO into your native applications, read further.
Use Native Web Controls in the native application to obtain PicketLink SAML behavior.
If the application is a pure native application, then you will need an HTTP plus XML parsing library for the native programming of choice. In the case of iOS and Android, an http library can be used to talk to a PicketLink Identity Provider and the XML parsing library is used to parse the responses from the IDP. The code should handle cookie based session management for the IDP. (Reference: https://community.jboss.org/wiki/PicketLinkRESTAPI )