[Building Sakai] Sakai iPhone/Android app?

Matthew Jones jonespm at umich.edu
Thu Mar 24 18:37:01 PDT 2011 

Agreed, maybe if you're a smaller school, and your Sakai installation
actually contains all of the login credentials for the users then there's
less of an issue. Also if the *only* app is the central mobile app that is
maintained and published by the organization, then it can do whatever it
wants because it's probably audited and more trusted. (Like the official
twitter app is probably more trusted than a 3rd party)

However, most larger schools will have user credentials at a central
location (ldap, kerberos or whatever) and provided to the Sakai and the app
either through an signle signon or provider as Sean described. The few new
authentication interfaces that Sakai has added built in (such as Webdav and
iClicker) already were difficult to negotiate.

If you actually have students who want to develop then you certainly don't
want their app taking passwords because you have no idea what they're doing
with them.

OAuth in the front as an alternative login mechanism (which I'm betting
Oxford has implemented) is a really good idea, because then the app can
request access rather than request passwords.

On Thu, Mar 24, 2011 at 9:18 PM, Sean DeMonner <demonner at umich.edu> wrote:

> why wouldn't you want user's entering passwords int the app?
>
>
> At Michigan our security folks are very concerned about credentials being
> gathered on the device by individual apps (we have lots of "non-official"
> app development going on by students and affiliated groups that we want to
> encourage, but we don't want them handling credentials).
>
> Instead, our app mobile team is building an SSO app that other mobile apps
> will use for authentication. That way you have one centrally blessed app
> capturing credentials but potentially lots of innovative apps at the edges.
>
> SMD.
>
>
> On Mar 24, 2011, at 8:31 PM, Steve Swinsburg wrote:
>
> Just a thought: why wouldn't you want user's entering passwords int the
> app? It needs to be done for other apps that connect to an account
> somewhere, like Twitter etc.
>
> One way around this would be to use API keys/OAuth so a user has an API key
> they can set into the app, instead of their username/password. They can then
> manage that in their  'Account' page, ie reset my API key.
>
> Oxford has done some work on OAuth, I would love to see how it works..
>
> cheers,
> Steve
>
>
> On 25/03/2011, at 6:48 AM, Matthew Jones wrote:
>
> There has been a lot of work in 2.7 and 2.8 on improving the mobile
> experience as you mentioned in the portal. This is an easy benefit for
> everyone. Overall this experience feels pretty good. Many mobile browsers
> currently disable file uploading and the wysiwyg editor has to be disabled,
> but there's no good ways around this for anyone until the browsers and
> devices get better.
>
> As far as an an actual native app is concerned, Steve Swinsburg proposed a
> Google Summer of Code idea for 2011. [2] This would need both the app
> written as well (likely) as a number of new entitybroker endpoints. Another
> issue with a native app would be authentication, as you don't want your
> users entering passwords on their applications. This may be different school
> to school.
>
> Some schools like Oxford have also done some work in this space. [3] Much
> of it is slower because there currently aren't way to get at all of tools
> api's externally. And writing those required interfaces (in entitybroker)
> isn't always as exciting or easy as writing the app is. ;)
>
> [1] https://jira.sakaiproject.org/browse/SAK/component/11220#
> [2]
> https://confluence.sakaiproject.org/display/MGT/Google+Summer+of+Code+2011+ideas+list#GoogleSummerofCode2011ideaslist-
> [3] http://m.ox.ac.uk/desktop/#weblearn
>
> On Thu, Mar 24, 2011 at 3:18 PM, Jacob Reinelt <jjreinel at svsu.edu> wrote:
>
>> Is their any work going on regarding an iPhone or Android application that
>> would integrate with Sakai?
>>
>> I know sakai has a mobile portal that has seen enhancements for 2.7.x, but
>> I'm just curious regarding apps as I haven't seen anything since an iPad app
>> demonstration that I believe IU had at the last conference.
>>
>> Jacob Reinelt
>>
>> Open Source Programmer/Analyst
>> Saginaw Valley State University
>> Wickes 224
>> jjreinel at svsu.edu
>> (989) 964-2151
>>
>> _______________________________________________
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>
>> TO UNSUBSCRIBE: send email to
>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>> "unsubscribe"
>>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
>
>
> SMD.
>
>
> ====================================================
> Sean DeMonner, Assistant Director, Teaching & Learning, AIS, ITS
> 3350 Duderstadt Center, University of Michigan      (734) 615-9765
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20110324/d4f5eaa4/attachment.html

More information about the sakai-dev mailing list