Best Practices for Backend integration with enterPrise smartPhone aPPlications

crickettachyphagiaMobile - Wireless

Dec 10, 2013 (3 years and 5 months ago)

73 views

Best Practices
for Backend
i
n
tegration
with
e
n
ter
P
r
ise
s
m
art
P
h
one
a
PP
l
ications
t
echnical Brief
t
echnical Brief
Best Practices for Backend
i
n
tegration
Best
P
ractices for
integrating mo
B
i
le
a
PP
s
with the
enter
P
r
ise
B
a
ckend
i
n the enterprise environment, there are several common
tasks involved when building mobile apps to connect to
backend applications.
f
o
r example, you’ll need to:

c
o
nnect to the backend application, typically
through some web service protocol

r
e
trieve the payload data from that backend


P
arse the data into a consumable form

s
t
ore the data locally on the device in some form
of database and employ some form of ongoing
database management when data is stored locally

e
n
crypt the data on the device (when sensitive
information is involved)


M
ake sure that data and applications can be
remotely wiped if a device is lost or stolen, or
an employee is terminated
While apps that require synchronized offline data access
on the smartphone can eliminate a number of these
steps, a sync server would be required, which creates
a specific task list of its own, including:


H
osting the sync server

t
y
ing the sync server with the overall
enterprise authentication directory


W
riting a sync “source adapter” to interact
with the backend application
t
o
execute these key steps, following are best
practices that will help simplify the development
of connections between native applications and
backend business systems.
e
xecutive summary
s
martphone app usage is exploding, sparked
by consumers who have installed iPhone
and
a
n
droid apps by the millions. Yet while
the trend may have begun with consumers,
app usage is quickly migrating to enterprises
that are looking to take advantage of today’s
powerful mobile devices to make their
workers more productive.
t
h
is new “app culture” is changing the
paradigm in application development.
o
v
er the past fifteen years, application
development has largely focused on web
apps and a centralized computing model.
By contrast, smartphone applications are
dominated by native apps that run locally on
the device itself and use device capabilities.
i
n
short, smartphone apps today represent
“computing at the edge.”
But in order to use smartphone applications
to extend company data in real time to
mobile users, the applications will need
to be integrated with company backend
systems — no longer will these apps be
able to run completely independently on
the smartphone.
t
h
is whitepaper focuses
on a set of best practices that will help
developers more easily create those
connections to reduce app development
time and cost.
PAGE 1
PAGE 2
t
echnical Brief
Best Practices for Backend
i
n
tegration
Parsing
r
es
P
onses
o
nce an application retrieves the data, it needs to
extract the necessary data from the payload. Your two
options for doing so are J
s
on

and XML parsing.
Best Practice
r
e
commendations:
i
f
you are handling
a large XML payload, you should consider using a
stream or pull parser as opposed to using the XML
d
o
cument
o
b
ject Model (
d
o
M
) to retrieve the data.
i
f
you have more than 10 MB of data, you should
consider using a more efficient method than a text
stream for getting the data to the device.
f
o
r example,
consider an archived compressed format and deliver
the compressed data in bulk to the client device.
t
h
is
approach is known as “bulk sync.”
Po
P
ulating the
d
ata
B
ase
o
nce an application has the data, you need to create
a way to populate a database or local cache.
Best Practice
r
e
commendations: Mobile users do
not want to wait every time they start an app for their
data to be retrieved from the server.
g
e
nerally this
means taking the parsed data and creating records in a
database.
f
o
r maximum usability in the enterprise, your
application should give users the ability to store their
changes locally before they are applied to the server.
t
h
is requires managing the local database, as well
as some level of data synchronization, which will be
discussed shortly.
s
ecure
s
torage
When data is stored locally on the device, you may
need to encrypt the data prior to storage.
f
o
r example,
your application may need to comply with regulatory
standards like H
i
P
a
a
.

o
r
your application may contain
sensitive information like personal financial data or
company trade secrets.
i
n
these cases, encryption
protects the data in the event a device is lost or stolen.
Best Practice
r
e
commendations:
s
i
nce encryption
slows down application performance, you should
encrypt only when necessary — and only the subset of
data that is sensitive and requires the extra security.
c
onnection
c
onnections will typically be made via http, or when a
secure connection is required, via https.
i
n
addition, the
application needs to handle authentication in a secure way.
Best Practice
r
e
commendations:
g
e
nerally
speaking, you will want to use basic authentication
challenges from smartphone devices instead of more
elaborate protocols like
n
t
L
M.
o
n
devices such as
BlackBerry, you may need to explicitly control which
network (i.e. Wi-
f
i
or 4
g

carrier network) will be used
as the transport.
c
o
nsider using some form of asynchronous connection
to keep the smartphone user interface responsive.
d
e
sktop and web apps can often get away with the
delay caused by synchronous connections, while the
device waits for a response. By contrast, the user
interface on a mobile device should stay responsive
while it waits for the connection and information
retrieval.
a
s
a result, a mobile app should perform
some method of asynchronous connection with a
callback on the return.
d
ata
r
etrieval
t
he first step in integrating to the enterprise backend is
determining how to expose the backend.
c
u
rrently,
r
est

and
s
oa
P
web services are two common integration
methods, although you may have inherited an older
method such as
d
co
M
,
c
o
rba or XML-
r
P
c

gateways.
t
h
e next step is to select the payload format.
c
o
mmon
approaches include XML and J
s
on

payloads, with
J
s
on

being much smaller and easier to process.
Best Practice
r
e
commendations:
i
f
your application
is communicating directly from a device, the preferred
approach is a J
s
on

payload exposed via a
r
est

interface. When absolutely necessary, you can connect
directly to a
s
oa
P
service. However,
s
oa
P
should
be avoided when using older BlackBerry devices.
i
n
a
ddition, you should make sure that the payload is not
too large when connecting to a
s
oa
P
service.
s
o
me legacy methods are acceptable when using a
sync server, as the sync server can act as a proxying
mechanism to make data easily retrievable by the device.
t
echnical Brief
Best Practices for Backend
i
n
tegration
PAGE 3
and delete information in the case of bidirectional
data.
i
n
most cases, this requires much less code than
performing all of the connection, retrieval, extraction
and storage from the device.
i
n
addition, the sync server
typically has a richer set of libraries and tools available
to make those backend connections.
t
h
e server can
usually handle whatever format the backend application
exposes, as opposed to requiring a new web service
to be exposed.
Best Practice
r
e
commendations: You should ensure
that whatever server you use for synchronization
supports “push sync.”
t
h
is means that any changes
made to the backend application are immediately sent
to any relevant devices — eliminating the need for
the device to “poll” occasionally for changes. Polling
drains the mobile device battery and can lead to stale
data. Be aware that your backend application must
have some type of notification mechanism exposed.
i
n
a
ddition, there must be some way of performing a push
to the device to make this happen, as “homegrown”
approaches to sync typically do not support push.
e
asing integration tasks
with
r
h
o
m
o
B
i
le
s
u
ite
Whether developers choose to write applications in
o
b
jective
c

or Java, or a framework like
r
h
oMobile
or Phone
g
a
p, the tasks described in this paper
often represent the bulk of development effort
and code scope.
t
h
e
r
h
o
c
o
nnect
a
p
plication
i
n
tegration
s
e
rver and
other components of
r
h
oMobile
s
u
ite streamline each
of these tasks, drastically reducing the effort involved
in mobilizing an enterprise application.
With
r
h
o
c
o
nnect, a developer just needs to provide a
“source adapter” for each model and the
r
h
o
c
o
nnect
server handles all the necessary tasks.
t
h
e
r
h
o
c
o
nnect
server will:

c
o
nnect to the backend application

r
e
trieve the data


P
arse the response
aPP
and
d
ata
d
e
P
rovisioning
Whenever sensitive data is stored on a device, there
should be a way to deprovision applications and data,
in case the device is lost or an employee is terminated.
t
h
is is true even when encryption is used.
Best Practice
r
e
commendations: Your app and data
management capability should be able to leverage the
user list from the enterprise directory.
t
h
ere are several
mobile app and device management solutions from
vendors such as
s
y
base,
g
o
od
t
e
chnology, Mobile
i
r
on
and Motorola
s
o
lutions’
r
h
oMobile.
s
t
rongly consider
implementing one of these solutions as part of your
general smartphone app planning, particularly when
synchronized data is involved.
d
ata
s
ynchronization
With enterprise applications, users need to be able to
access, enter and update information, whether they are
connected to a network or not.
t
h
is feature is important
for several reasons:


W
orkers need to stay productive every minute of
the workday — and often that means accessing or
handling data even when a network is not available.

o
f
fline data synchronization gives workers added
confidence when entering information.
i
f
there’s a
brief network glitch, workers won’t lose whatever
data they’ve been entering.


L
ocally available data creates a faster user
experience — and the data is always available
for users right at startup.
But managing all the data for the many different types
of devices, clients and operating systems is the most
difficult of tasks — you must correctly identify old,
new and changed data, and determine what data
belongs on each device.
a

good synchronization server and client app framework
will greatly simplify data synchronization by handling all
the tasks outlined in this paper: connecting, retrieving,
parsing and storing data.
t
h
e only task for the app
developer should be to write the code for the sync
server to connect to the backend application — this
is typically called a “source adapter.”
i
n
this case, the
developer writes code to enable the server to retrieve
or query information — or to retrieve, create, update
t
echnical Brief
Best Practices for Backend
i
n
tegration
PAGE 4
t
he
r
ho
c
onnect
s
ource
a
da
P
ter
i
n most cases, a “source adapter” must be written to
connect to the backend application.
s
p
ecifically, this
means writing “query”, “create”, “update” and “delete”
methods to allow users to interact with the backend
system.
t
h
e source adapter query method returns
data in a standard “hash of hashes” result and the
r
h
o
c
o
nnect server takes care of the rest of the work
to populate the data in the device’s database.


P
opulate a server cache with the information via a
very efficient
r
e
dis database.


M
onitor all of the smartphone devices that connect
to the
r
h
o
c
o
nnect server and ensure that relevant
data updates are performed in a timely fashion.
t
h
e
r
h
o
c
o
nnect server can be used regardless of
whether or not the smartphone application is written
using the
r
h
oMobile
s
u
ite framework.
r
hoMobile
s
uite provides all the elements needed to streamline and simplify backend integration — regardless of whether users are
inside or outside the four walls working online or offline or whether your application requires information located in multiple databases.
e
v
en backend changes are easy to accommodate — when new fields are added to the backend application, they can automatically appear
in your mobile application — no programming required.
Redis database
RHOGALLERY
APP LAUNCHPAD
RHOGALLERY
APP MANAGER
Source adapter
Transparent Sync
RHOSYNC
APP INTEGRATION
SERVER
SMARTPHONE
REST/JSON
SOAP/XML
Direct Database
Direct connections requiring manual code
Enterprise Directory
(no app code)
Enterprise
backend
application
Enterprise
backend
application
SQLite
Database
RhoConnect
Client
RhoElements
Client
SQLite
Database
App
SQLite
Database
Objective C
App
Obj-C
RhoConnect
Client
SQLite
Database
Other App
JScript
RhoConnect
Client
Enterprise
backend
application
Enterprise
backend
application
r
ho
m
o
B
ile
s
uite
a
rchitecture
t
echnical Brief
Best Practices for Backend
i
n
tegration
PAGE 5
r
ho
m
o
B
ile
a
utomatic
e
ncry
P
tion
i
n those cases where an application must comply with
industry security standards and handle sensitive data
(such as patient information in a medical information
system or personal financial information in a banking
system), it’s often necessary to encrypt any data stored
on the device.
i
f
the smartphone app is written with
r
h
oMobile
s
u
ite and the “secure app” option is turned
on, then the data will automatically be encrypted when
it’s populated in the device database — there’s no need
to write any code in the smartphone app.
a
utomatic
d
e
P
rovisioning
a
nother concern when integrating smartphone apps
with critical enterprise systems is what happens if a
device is lost or stolen — or an employee is terminated.
r
h
o
g
a
llery allows apps and data to be deprovisioned
whenever the
i
t

administrator chooses.
r
h
o
g
a
llery is
an app management feature on the
r
h
oHub hosted
development site and provides a client app that can be
used to control app execution.
r
h
o
g
a
llery integrates with
the enterprise directory (such as L
d
a
P
) to get the list of
acceptable users and determine if users are still valid.
s
ynchronization
i
n addition to easing the app integration process,
r
h
o
c
o
nnect also provides for synchronized offline
data.
t
h
is feature enhances the value of your app, as
business users can fully use the application whether or
not they are connected to the
i
n
ternet.
o
f
fline data also
enhances the user’s perception of app performance, as
data is always present on the device — users never
need to waste time waiting information to be retrieved
from the backend.
i
t
’s important to understand that an application that
just retrieves information and stores it on the device
is not the same as synchronized offline data.
t
h
e
key difference is the lack of “push data,” as these
applications require data to be retrieved by an explicit
request or end user action. Yet with
r
h
o
c
o
nnect,
data can be pushed to the device in real-time, without
any actions from the end user.
i
t
’s extremely rare for
applications to support push data when sync functions
are manually written.
a
d
ditionally, without a server like
r
h
o
c
o
nnect to keep track of the master list of data,
the device must receive a complete copy of all the data
each time instead of just the changes.
t
h
e “create,” “update” and “delete” methods you write
can expect object attribute and value information to
be provided to it by the
r
h
o
c
o
nnect server based on
whatever the client app has done to create or update
record information.
f
o
r example, the “query” method
might connect to the backend application’s
r
est

interface, retrieve the data as a J
s
on

payload and then
put the data into a standard @result “hash of hashes”
variable.
t
h
is approach saves huge amounts of code
compared with the typical “direct connect” way of
handling data feeds.
t
h
e code can be as simple as:
i
n
the case of an application that just retrieves
information, those five lines of code can replace
hundreds of lines of
o
b
jective
c

or Java code for an
application that might connect directly.
i
n
addition,
your app and its users will benefit from having
automatically synchronized offline data.
Bulk
s
ync
With the creation of a source adapter,
r
ho
c
onnect
handles the connection and retrieval of data, parsing
the response and populating the local database.
r
h
o
c
o
nnect also supports “bulk sync” capabilities
for handling large database delivery.
i
f
bulk sync is
turned on, the
r
h
o
c
o
nnect server will create an
s
Q
Lite
database on the server and send it compressed to all
devices.
t
h
is is very helpful for those models (business
objects) with large amounts of data such as product
catalogs or customer account lists.
def query
items=JSON.parse(open(“http://
yourcompany.com/crm/accounts.
json”).read)
@result={}
items.each do |item|
@result[item[“id”]]=item
end
end
t
echnical Brief
Best Practices for Backend
i
n
tegration
PAGE 6
f
or information on how Motorola
s
olutions can help you
create next-generation
o
s
-
agnostic mobile applications,
please visit www.motorolasolutions.com/
r
h
oMobile
s
uite
s
u
mmary
r
ho
c
onnect minimizes much of the effort involved
with integrating mobile apps with backend applications.
i
t
automates many of the repetitive and laborious
processes involved in integrating with backend data
feeds.
i
n
some cases,
r
h
o
c
o
nnect eliminates all of
the code required to integrate with a backend app.
By writing your mobile app with
r
h
oMobile, it’s easy
to encrypt data where appropriate.
a
n
d using
r
h
o
g
a
llery to manage your apps takes care of the
app deprovisioning and helps manage your enterprise
apps and data.
i
f
you are building an enterprise application for modern
smartphones, you need to seriously consider how
to integrate your app with the backend enterprise
application — whether or not you use
r
h
oMobile
products. When it comes to integration, careful
planning will accelerate your development efforts
and result in a higher performing, more maintainable
and more secure solution.
Part number:
t
B-B
st
P
ract
B
kndint
. Printed in U
sa
08/12. M
otoro
L
a
, M
oto
, M
otoro
L
a

so
LU
tions
and the
s
tylized M Logo are
trademarks or registered trademarks of Motorola
t
r
ademark Holdings, LL
c
and are used under license.
a
l
l other trademarks are the
property of their respective owners. ©2012 Motorola
s
o
lutions,
i
n
c.
a
l
l rights reserved.
t
echnical Brief
Best Practices for Backend
i
n
tegration