IBM Worklight for Digital Agencies

© 2014 IBM Corporation
IBM Worklight -- The IBM MobileFirst
Application Platform:
The Secret Weapon for
Digital Agency Profitability
Graham Churchill
IBM MobileFirst and Internet of Things Solutions Executive
churchil@ca.ibm.com
Sept 7, 2014

Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How does IBM Worklight save cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement
⑤ Managing the mobile ecosystem
⑤ Summary
2 © 2014 IBM Corporation

Two Types of Digital Agencies
Internal
Develop apps for their own organization
External
Develop apps for other organizations
LOB LOB LOB LOB LOB LOB
Goals are the same  develop more at lower cost.

Mobile apps are expensive to develop! • Fragmentation of devices and platforms
• Must build and maintain different code bases
$
• Speed and frequency of iterations
• High cost of testing and change management
• Connectivity to back-end systems and cloud
• Build, maintain and manage
• Security to protect corporate data
• Much greater chance of data breach
• Context and other capabilities such as geo-location
• Specialized capabilities required
• Delivery of high quality apps that rapidly incorporate
customer feedback
• Mechanisms to capture and act on feedback
• Adoption of apps in a crowded market; 25% of
mobile apps are used only once
• Build apps that people actually use.
• Skills on platforms, frameworks, UI design, and all
other disciplines.
• Mobile development skills are expensive

The challenge of finding skilled mobile developers
I am more
cool than
you.
I am more
liberated
than you.
Peace man.
+ + =$
• Developers often have different skill sets and its difficult to find single
developers with skills on all platforms
• When you do, you will pay a premium for their services
• For multi-platform projects, when you must maintain different assets, this
creates challenges in harnessing the team

Traditional Web development vs. Mobile development
Initial app
development cost
$
Traditional Web
Frequency of change (occasional)
$ $
Application
change cost
$
Mobile development
$
Application
change cost Frequency of change (continuous)
$ $ $ $ $
Initial app
development cost
$

Spectrum of mobile app development approaches
Low fidelity, low cost High fidelity, high cost

Mobile apps require more than a focus on front-end UI
z
Teamwork
Industrialize dev
Integrate with SDLC
Operations
Front-end
Back-end
30%
of the value
and effort is
visible
(mobile UI)
70%
of the value
and effort
lies under
the surface
Short time to market
Web? Hybrid?
Native?
Manage and
enforce app
versions
Track problems that
affect UX
Ensuring continued
support in a quick-changing
landscape
Security
Data
protection
Push
upgrades
App
security
User
authentication
User engagement
Connect to back-end
Efficient and flexible
push notifications
Track and leverage
location
Offline availability
B2E app distribution

Agenda
③ How IBM Worklight saves cost?
⑤ Summary

What does IBM Worklight do for digital agencies?
$$
Reduces application
change cost
2
Reduces initial
application cost 1
$ $ $ $ $ $$$$$$$$$$$$$$$$$
Affords you the
opportunity make
more changes
4
$$
$$$$$
Shortens time
required to make
changes
3

Impact of IBM Worklight on digital agency profitability
{
{ }
$
$ $
}
$
}
$
Price
charged
customer
Profit
Development
cost
Profit
Worklight license
Development
cost
Price
charged
customer
Without
Worklight
With
Worklight

For the value it delivers, IBM Worklight is very inexpensive
 No charge version for developers
 IBM Worklight for Developer Edition
• No charge, non-warranted program
• Support is best effort via Stack Overflow
• Available for download from the IBM developerWorks® website
 Production versions for deployment
• IBM Worklight Consumer Edition
• Pricing is per app; unlimited users
• IBM Worklight Enterprise Edition
• Pricing is per user, unlimited apps

Agenda
⑤ Summary

How IBM Worklight saves costs
 Accelerate Native, Web, and Hybrid
development
 Shorten App Lifecycle Change Management
 Facilitate App Security and Trust
 Engage users with the Enterprise
 Support Mobile Operations Management

The IBM MobileFirst Application Platform – IBM Worklight
IBM Worklight goes beyond mobile app
UI creation to deliver mobile optimized,
standards-based, middleware and tools
for enterprise-grade mobile applications
and services creation
Accelerate Native, Web, and Hybrid Development
• Complete IDE enabling the plug-in of native, Javascript, user-defined
libraries
• Rich APIs for native development
• Central place to keep track of all types of content
• Enables developer to focus on business logic
Shorten App Lifecycle Change Management
• Preview, simulation, and testing tools for shortening
development lifecycle
• Capture user feedback in a fraction of the time
• Mechanisms to industrialize app development
• Team work facilitation and development lifecycle tools
Facilitate App Security and Trust
• Server-enforced authentication
• App authenticity and user-app-device binding
• Secure and syncable on-device storage
• App version enforcement
Engage Users with the Enterprise
• Mobile-friendly enterprise integration
• Codeless integration
• Unified push and SMS notifications
• Geo-location and context collections and intelligence
Support Mobile Operations Management
• Operational analytics with efficient data acquisition
• Offline and online event management integration
• Remote user and app control without MDM
“Best Enterprise Mobility Application
Development Platform" by Compass Intelligence
for 2014 Mobility Awards
"Best Mobile Development Solution"
as voted by SIIA members for 2013 CODiE Awards

The Value of Worklight for Native Apps – The Best Platform for Native
Focus more on business logic
• Robust and extensible enterprise integration
framework
• Proven user and app security framework
• API discovery for SAP and SOAP
• Encrypted JSON Store with bi-directional
synchronization
• Efficient geo-location services
and geo-fencing
Decrease development cost
• Standard server API for push engagement
• Automated functional testing for native apps
• Out of the box operational analytics
Manage the mobile app
lifecycle
• Console for app management, version
enforcement, and fine-grained user control
• Support for enterprise SDLC integration
• App Center for managing distributed test
process
Support the mobile
ecosystem
Objective C
Java
C#
• Proven timely support for new OS versions
• Support for use of third party libraries and
services

The Value of Worklight for Hybrid Apps
Focus more on business logic
• Proven optimization framework including Skins
• Robust and extensible enterprise integration
framework
• API discovery for SAP and SOAP
• Worklight App Run-time for quick data-driven
hybrid apps
• Encrypted JSON Store with bi-directional
synchronization
• Efficient geo-location services and geo-fencing
Decrease development cost
• Instant hybrid app preview
• Accurate mobile simulator + visual location
simulator
• Automated functional testing for hybrid apps
• Out of the box operational analytics
Manage the mobile app lifecycle
• Console for app management, version
enforcement, and fine-grained user control
• Custom app templates and screen templates
• Custom app components and shell
• Support for enterprise SDLC integration
• App Center for managing distributed test
process
Support the mobile ecosystem
• Cordova is shipped with Worklight; IBM
provides bug fixes and production-level support
for version shipped with Worklight
• Proven timely support for new OS versions
• Support for use of third party libraries and
services

Outline of the IBM MobileFirst Application Platform – IBM Worklight
A comprehensive mobile app development approach with continuous delivery
Quality Assurance
Server Runtime
Studio Console
Application Center
Application
Scanning
Development Continuous Delivery
Application Scanning
Detect code vulnerabilities at the
time of development
Quality Assurance
Collect beta test feedback, crashes
and analyze user sentiment
Worklight Foundation
Development, Runtime, Operations
Console & Private Store

Feedback Management
Device Runtime
Cross-Platform
Compatibility Layer
Server Integration
Framework
Encrypted and
Syncable Storage
Runtime Skins
Location-based
event handling
Reporting for Statistics
and Diagnostics
IBM Worklight Foundation Components
Worklight Application
Center
Development Team Provisioning
Enterprise App Provisioning
and Governance
App Feedback Management
Public App Stores
2
3
Application Code
Enhanced crash &
platform-level
exception capture
Worklight Console
5
Unified Push and SMS Notification
Development and Operational Analytics
App Version Management
Worklight Studio
HTML5, Hybrid, and
Enterprise Backend Systems &
Native Coding
Optimization
Framework
Integrated Device
3rd Party Library
WYSIWG Editor
and Simulator
Cloud Services
Build Engine
SDKs
iOS
1
Android
Blackberry
Windows
Phone
Windows 8
Java ME
Mobile Web
Desktop Web
Worklight Server
SDKs
Integration
Functional
Testing
User Authentication
and Mobile Trust
Mashups and Service
Composition
JSON Translation
Geolocation Services
Adapter Library for
Backend Connectivity
Stats and Logs Aggregation
Client-Side
App Resources
Direct Update
Mobile
Web Apps
Unified Push
Notifications
4

IBM Worklight Foundation – Typical Topology
Worklight
Cluster
App
Web SSO
Server
Load
Balancer
https
https
Corporate DMZ
Corporate LAN
Backend 1 Backend 2
Worklight
Database

What’s new in IBM Worklight Foundation 6.2
Flexible
application
development
New command line
tooling
More native API
Mixing native and
HTML5
Wizards for Backend
integrations
Worklight Application
FrameworeBeta
IBM's cloud services on
Bluemix
Extended user
reach
Native app start-up and
transitions
Enhanced push
notification
Campaign manage with
xtify
USSD support
C# API for Windows
Phone 8
SSO via iSAM
Comprehensive
mobile
operations
Enhanced operational
analytics
REST APIs and CLI for
management task
automation
Role-based access with
Java EE-security
Remote-controlled
mobile device log
collection
Cluster and active-active
arch
Cloud-hosted on
SoftLayer
Security
MaaS 360 integration
Trusteer integration
JSONStore for native
iOS and Android apps
JSONStore for Hybrid
W8 and WP8
Direct Update for WP8
Enhanced app
authenticity for iOS and
Android

Agenda
⑤ Summary

Spectrum of mobile app development approaches
Pure web Hybrid Pure native
Pre-package
d HTML5
resources
HTML5 +
native UI
Web-Native Continuum
Mobile
web site
(browser
access)
• HTML5, JS,
and CSS3 (full
site or m.site)
• Quicker and
cheaper way
to mobile
• Sub-optimal
experience
Native
shell
enclosing
external
m.site
• HTML5, JS,
and CSS
• Usually
leverages
Cordova
• Downloadable,
app store
presence,
push
capabilities
• Can use native
APIs
• As previous
• + more
responsive,
available
offline
• Web + native
code
• Optimized
user
experience
with native
screens,
controls, and
navigation
Mostly
native,
some
HTML5
screens
• App fully
adjusted to OS
• Some screens
are multi-platform
when
makes sense
Pure
native
• App fully
adjusted to OS
• Best
attainable user
experience
• Unique
development
effort per OS,
costly to
maintain

Worklight Studio – The IDE for hybrid app development
 Eclipse-based IDE
 Code assist tools with auto-complete and
validation
 Application scaffolding and componentization
 Mobile OS-specific optimization
 Device-specific optimization with Skins
 3rd-party library integration for HTML5 and
native components
 Quick access to simulators, emulators, and
debugging tools
Worklight Studio
HTML5, Hybrid, and
Native Coding
Optimization
Framework
Integrated Device
SDKs
3rd Party Library
Integration
Build Engine
SDKs
WYSIWG Editor
and Simulator
Functional
Testing
iOS
1
Android
Blackberry
Windows
Phone
Windows 8
Java ME
Mobile Web
Desktop Web

Worklight gives developers complete control over their app
• Control default splash screen behavior
• Add a custom splash screen
• Start application with native screen
• Control Worklight framework initialization, e.g. in background
Attractive
App
Startup
• Display a specified native screen in full screen
• Mix native and web components on a same screen
• Control native components that host web application
• Use native components hosting web application inside of a
container
Engaging
UI
• Call native code from JavaScript and vise-versa
• Invoke both native and JavaScript WLClient APIs in any order
e.g. authenticate in native, UI in HTML5
Compelling
app flow

Unified Worklight Studio
• Worklight Studio and Worklight Developer Edition are now the same
• Licensing terms and support difference only
• Same installation can be used for both evaluation and production environments
• Common Worklight Studio now available through
• Free for evaluation from Eclipse Marketplace
• Paid for production from Passport Advantage
• Evaluation assistance for Worklight provided through
• Paid product support available through direct support channels
• For more information, go to the Worklight page on
http://www.ibm.com/developerworks/mobile/worklight/

Unsurpassed flexibility in hybrid development
Complete freedom in mixing native and web code in the same app
Native and web
components on the
same screen
Native header with
button, title and icon
WebView with web
components
Native scrolling ticker

Bridge native and hybrid elements with an action API
 Use the Worklight action API to enable native-hybrid communication:
 Send data from JavaScript to Native
 Send data from Native to JavaScript
 Register Native action handlers
 Register JavaScript action handlers
Example: Clicking native side menu button triggers web UI change

Create reusable enterprise UI patterns
 Create and reuse custom UI patterns
 For corporate branding
 Improved governance: Patterns which
were adequately designed, implemented
and tested
 Patterns contain HTML, CSS and JS
resources
 Package patterns inside a pre-defined
archive format, so that they can be
distributed among teams to re-use in their
Worklight projects with Worklight Studio

Create custom components and templates
Add
Components and
templates to a
Worklight Project
 Custom screen patterns
Shareable ZIP archives
.wlc or .wlt extns
 HTML, CSS and JS resources
 Extend the list of out-of-the-box patterns
 Application Components
 Reusable libraries (Client or server runtime)
that developers can add to apps
 Worklight Project Templates
 A reusable Worklight hybrid project that
developers can use to jump start new
application development
Create
components
and
templates
 Save development time by reusing code
 Help enforcing governance by providing ready-made,
tested components with corporate-approved
code and branding
 Created and managed using a Worklight
Studio wizard

Bring Your Own Tools!
 In Worklight 6.2 developers have the flexibility to use the development tools of their choice –
Worklight Studio is no longer required
 A Command Line Interface (CLI) is provided to enable the use of other development tools
 The CLI provides the following capabilities:
 Add Worklight SDKs to a native project
 Create Worklight hybrid projects
 Add environments to a Worklight hybrid project
 Create Worklight Adapters
 Test Worklight Adapters
 Deploy Worklight applications and adapters to the Worklight Server
 Start and stop the Worklight Server
 Launch the Worklight administrative console

Example CLI commands for native apps
 wl create
[?] What do you want to name your project? MyProj
Project ‘MyProj’ created
 cd MyProj
 wl add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
❯ iOS
Java ME
Windows Phone 8
Native api for ‘ios’ created
Context aware builds
 wl build
 wl deploy
If at project level, all apps and adapters are built.
If in adapters (all or single), then only those are built.
If within a single app, then only that app is processed.
If within a single env of app, only it is built and deployed.
Embedded Worklight server control
 wl start
 wl console
 wl stop
The “wl run” command is a long running task that starts
the server, and tails (follows) the server log file

Example CLI commands for hybrid apps
 wl add hybrid
[?] What do you want to name your Worklight App? MyHybrid
 cd apps/MyHybrid
 wl add environment
[?] What environments you want to add to the hybrid app?
⬢ iPhone
⬡ iPad
⬢ Android phone and tablets
⬡ BlackBerry 6 and 7
⬡ BlackBerry 10
❯⬡ Windows Phone 8
⬡ Windows 8 desktop and tablets
⬡ Mobile web app
 wl build
 wl deploy
 wl console

Example CLI commands for adapters
 wl add adapter Accounts --type http
 edit adapters/Accounts/Accounts*
 wl build && wl deploy
Implement desired procedures
Interactively test the adapter
 wl invoke
[?] Which adapter do you want to use? (Use arrow keys)
❯ Accounts
Foo
[?] Which procedure do you want to invoke? (Use arrow keys)
getAccountList
❯ getAccount
[?] Enter the comma-separated parameters: "111-001"
Invoking Accounts:getAccount...
Arguments:
[ "111-001” ]
Invocation result:
{
"id": "111-001",
"balance": 623.45,
. . .
}
Direct syntax
 wl invoke Accounts:getAccount '["111-001"]’
{
"id": "111-001",
"name": "Checking",
. . .
}

Agenda
⑤ Summary

Rapid testing of hybrid apps with the Mobile Browser Simulator
 Accurate simulation of the app’s HTML5 screens (e.g., right fonts, sizes, and layout)
 Supports Cordova and Worklight client API

Mobile Functional Test Tools
 Comprehensive, complete, resilient functional testing
 Android and iOS, native and hybrid
HTML and JQuery
 Record, edit, and run on mobile devices or emulator
 Same test runs across multiple devices in the platform family
 Natural language scripts can be used by developers and non-developers
alike
 Simple process
1. Record
2. Author
3. Playback
4. Report

Introducing IBM Worklight Quality Assurance
Delivers mobile app quality across a fragmented environment with end user
feedback and quality metrics available at every stage of development.
Evidence-based prioritization – enable business
and IT to collaborate on mobile strategy and user
experience
Over the air app distribution – get the latest in the
hands of testers as soon as it is available
Frictionless bug reporting – spend every minute on
testing latest and greatest builds, not the hassles
In-app crash reporting – rapid understanding of
why an app fails
Sentiment analysis – mine app ratings and reviews
to extract actionable feedback before they go viral
User Feedback
Crash logs
Bugs
Quality
Assurance

Introducing IBM Worklight Application Scanning
Based on AppScan v9.0
Detect vulnerabilities at the time of code change to reduce risk of data leakage and breaches
• A single Eclipse Integrated Development
Environment (IDE). Scan existing code
projects or Worklight Studio projects
• Native and hybrid mobile applications support
• Enhanced JavaScript analysis, which includes
improved performance and additional
framework support
• Optionally connect to IBM Security AppScan
Enterprise Server to share scan
configurations, filters, and custom rules across
all projects
Application
Scanning

Application Center for managing the app testing phase
 Share apps across developers, testers,
and other stakeholders
 iOS, Android, Windows Phone 8,
BlackBerry 6 and 7
Developers
• Easily distribute app to testers
Testers
• Easily find apps and versions to test
Testers
• Provide rating and feedback directly
from the device
Developers
• Access all feedback in a centralized
manner

Agenda
④ Enabling user engagement with the enterprise
⑤ Summary

A quick overview of Worklight Security
Protect data
on the device
Streamline
corporate
security
approval
processes
Proactively
enforce
security
updates
Provide
robust
authenticatio
n and
authorization
to secure
users
Protect From
Known
Application
Security
Threats
Application Security Objectives
Application Security Design:
 Develop secure mobile apps using
corporate best practices
 Encrypted local storage for data
 Offline user access
 Challenge response on startup
 App authenticity validation
 Enforcement of organizational security
policies

Proactively enforce
security updates
Remote
disable
Direct
update
App
authenticity
testing
Protect data on the
Coupling
device id
with user id
Secure
challenge-response
on
Provide robust
authentication and
Security Features Mapping
device
startup
protection
realms
provisioning
integration
authorization to secure
users
Offline
authentication
Authenticatio
n integration
framework
Data
Encrypted
cache / DB
Mobile
platform as
a trust
factor
Streamline
corporate security
approval processes
Code
obfuscation
SSL with
server
identity
verification
Protect from
Known
Application
Security Threats
Device
Proven
platform
security

User Authentication and Authorization
 Very flexible framework for simplifying
integration of apps with existing
authentication infrastructure
 Manages authenticated sessions with
configurable expiration
 Open: e.g., custom OTP as
anti-keylogger mechanism
 Server-side services grouped into separate
protection realms for different authentication
levels
 Two-factor authentication using device id as
“what you have” factor
Coupling
device id
with user id
Provide robust
authentication and
protection
realms
authorization to secure
users
Data
Need to integrate with existing
authentication infrastructure
Authenticate users when offline
Mobile passwords are more
vulnerable
Authenticatio
n integration
framework

Extensible authentication framework
 Leverage open framework to integrate with enterprise authentication and authorization
systems
 Develop custom JavaScript or Java extensions to enable custom authentication approaches
including multi-factor authentication and biometric credential collection
 Use LTPA tokens when running on WebSphere Application Server
IBM Worklight Server
Session authentication
1. Call Protected
Procedure
2. Request
Authentication

User-certificate provisioning for client-side authentication
 X509 certificates
 Are installed on devices and can can be used to automate user authentication
 Certificate provisioning options
 For all apps on a device
 For a particular app
 Benefits
 Cost saving: Certificates are typically provided by MDM solutions and is quite costly
(some charge $70 per device).
 Usability: Simple, automated user authentication; User’s device does not need to be
managed by an MDM

Protecting data on the device
Device theft
Offline access
Phishing, repackaging
Device
provisioning
integration
App
authenticity
testing
Protect data on the
device
Encrypted
cache / DB
Offline
authentication
Secure
challenge-response
on
startup
 Encrypted JSON Store
 Offline authentication using password
 Extended authentication with server using secure challenge response
 App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through
repackaging or app forgery
 Device provisioning integration: allow for the authentication of devices in addition to apps and users
 HTTPS/TLS based initiation of Worklight Server connectivity from WL Client runtime using FIPS 140-2
compliant libraries
 Tie in with User-Provision to use X509 Cert in establishing HTTPS/TLS connection using user
certificate
 On top of the already compliancy for communication (data in transit) and for storage (JSONStore)

Application Security
 Proven platform security: tested by the most
demanding customers (e.g., top tier banks)
 Client<->Middleware communications over HTTPS
to prevent data leakage
 Server certificate is automatically verified to thwart
man-in-the-middle attacks
 Developers can obfuscate application JS code to
make static analysis more difficult
 SQL adapter designed to mitigate SQL-injection
 Built-in audit trail
Code
obfuscation
SSL with
server
identity
verification
Protect from
Known
Application
Security Threats
Hacking
Eavesdropping
Man-in-the-middle
Proven
platform
security

Device Single Sign-On (SSO)
 Enables a mobile user to authenticate once and gain access to all apps from the same
organization (technically, with the same developer certificate) without re-authenticating.
 Enhanced to support integration with DataPower, ISAM, and other gateways
App 1
secure Mobile OS key store
Worklight
Server
App 2
ID
Session x
Duplicate after receiving
ID fro App 2
Session y
 Implementation
 Implemented using combination of
server-side capabilities (realms) and
unique device identification (device ID)
 On successful login the authentication
state is saved in the database and used
for validations in subsequent sessions
from the same device.

Enforcing security updates
 Remote Disable: shut down specific versions
of a downloadable app, providing users with
link to update
 Direct Update: automatically send new
versions of the locally-cached HTML/JS
resources to installed apps
Can’t rely on users
getting the latest
software update on
their own
Proactively enforce
security updates
Remote
disable
Direct
update

Agenda
⑤ Summary

Worklight Server: Adapters
Run time
 Lightweight server-side logic to expose systems of records in a mobile-friendly
way
 Automatic JSON transformation of enterprise data for quick
transport and ease of consumption by mobile developer
 Server-side service composition to reduce number of requests over
slow mobile network
 XSLT to reduce fat SOAP responses
 Security
 Automatic enablement of server-side authentication control and
audit
 Analytics
 Automatic collection of user actions and device and app properties
 Data sync
 Enables synchronization with on-device JSON Store
 Mobile user engagement
 Push notifications and geo-based event management
SQL / JDBC
SOAP /
HTTP
REST
Java
Extension
ESB**
JMS
CAST IRON
Node*
Worklight Server
Enterprise back-ends and
Enteclropurids es ebravcicke-esnds and
Enteclropurids es ebravcicke-esnds and
cloud services
* As tech preview
** Available with IBM Message Broker
For the server developer
 JS anywhere: Simple APIs for server-side JavaScript development
 Extensibility: Java API for custom adapters
For the client developer
 Easy-to-use, consistent client-side API to call any back-end system

Automatic adapter generation for SOAP and SAP NetWeaver
 Speed-up creation of mobile apps which interact with
Enterprise back-end system of records
 Reduce the amount to coding to zero or near-zero for invoking
SOAP based web services and services from the SAP
NetWeaver Gateway
 Consume these services via the generated adapter from your
web, hybrid, or native app

Unified Push Notifications
• Uniform access to push notifications providers
‒ Register for, notify, and receive a notification via Worklight APIs or SMS
• Register for and send SMS based notifications
‒ E.g., for feature phones
Back-end
System
Back-end
System
Back-end
System
Back-end
System
Polling
Adapters
Message-based
Adapters
Unified
Push API
Notification
State
Database
User-
Device
Database
iOS
Dispatcher
Android
Dispatcher
Windows
Phone
Dispatcher
SMS
Dispatcher
Apple Push
Servers
(APN)
Google Push
Servers
(GCM)
Microsoft
Push
Servers
SMS/MMS
Brokers
Administrative Console
Notification statistics, SMS subscription control
Worklight
Client-side
Push Services
iOS
Push API
Android
Push API
Windows
Push API
Broker
API
Worklight
Client-side
Push Services
Worklight
Client-side
Push Services
Optional 2-way SMS

Push notification enhancements in Worklight Foundation 6.2
 Group notifications based on tags
 Notifications are targeted to only a select set of users based on their topics of interest
 Tags allow message producers / senders to segment devices
 One or more tags can exist per application
 Defined in application-descriptor.xml – created during deployment
 Broadcast, unicast and narrowcast notifications
 New APIs available to send a notification to all the devices that installed the application
 Also provides for an option to opt out of receiving broadcast notifications
 Enhanced APIs to send a notification to specific user or device that installed the
application
 Support for a notification targeted to devices of a particular platform that installed the
application
 New server side REST APIs for device and subscription management
 Improved scalability of the push infrastructure to handle large volumes of push messages

Two-way SMS communication
 Why SMS?
 For feature phone users: A preferred mode of interaction
 For roaming users: When data roaming fees are not affordable
 In emerging markets: More reliable than Internet connection
 HTTP integration with SMS gateway or aggregator for the SMS delivery
 Seamless backend integration, mapping of incoming SMS to the relevant
 Mobile user  enterprise
 Sends SMS messages based on
keywords published by the
enterprise
 Enterprise  mobile user
 Responds to a user request
 Initiates a new request by
sending an SMS notification to a
subscribed user
 SMS in Worklight
backend calls
SMS HTTPS
Source of phone image: http://shmector.com/photo/3d_mobile_phone_icon/1-0-646
Backend
Service
Worklight
SMS Gateway

Worklight Geo-Location Services
Efficient, controlled
acquisition of GPS,
triangulation, and Wi-Fi
coordinates in background
and foreground
Store
Collect and use on the mobile device
Define points of
interest and geo-fences
Use on the server
Integrate context
information with
business processes
Trigger actions based
on location changes
Handle business
events
Store while offline,
Efficiently send to
server
API availability
• Hybrid: iOS, Android, Windows Phone 8
• Native: IOS and Android
Perform analytics
Scenarios debug-able
with
Worklight’s Mobile
Simulator

Mobile Data support: JSON Store
API now available for native iOS and Android apps!
 On-device, mobile database support
 Embedded JSON mobile database
 JavaScript APIs to store, query and update
the data in offline mode using MongoDB-like
APIs
 Encrypt sensitive data
 Using a key provided by developer or
obtained as user’s password
 FIPS140-2-compliant
 Server-to-client Sync
 Retrieve, store and keep data store up-to-date
using adapters
 Client-to-server Sync
 Simplify write actions on data while the app
is offline and send these actions to the
server
 Enterprise API-based
 Leverages corporate API / SOA layer to
access sensitive enterprise data
Back-end
system or
database
Corporate SOA /
Enterprise Bus
JSON
Store
Mobile App
Worklight
Server
Worklight
Adapter
JSON
XML, JDBC, …

Extending enterprise services via USSD
 Unstructured Supplementary Service Data (USSD) provides a cost-effective alternative to
mobile apps in emerging markets where feature phones are still fairly common
 USSD (Unstructured Supplementary Service Data) is a protocol used by GSM cellular
telephones to communicate with the telecom provider.
Worklight will now enable the
following:
• Accept incoming requests from
a USSD gateway and map the
USSD short codes to
corresponding Worklight
adapters
• Construct and respond with
USSD menu options
• Invoke corresponding backend
services via Worklight adapters

Example: Mobile app using Worklight for USSD communication
Telco forwards
this to a USSD
gateway
USSD
Gateway
Worklight
responds to the
gateway request
with the USSD
menu options
(configurable)
Worklight
Adapter
Enterprise
backend
HTTP/S
Mobile User dials
USSD short code
say, *123#
Gateway maps the
short code to a known
URL provided by the
enterprise and creates
the USSD session
Enterprise

Agenda
⑤ Summary

Managing mobile apps with the Worklight Console
Supports
multiple
versions on the
same platform
Device specific
versions are
uncoupled

The Worklight Console supports several Worklight projects
 Ability to administrate several project
WAR files deployed on the same
topology (WAS ND cluster, single
server, farm of servers) with a single
console
 New console page allows navigation
between several runtimes
 Simplified navigation for a single
project runtime use case

Administrators can use CLI or REST API for management tasks
 REST API for all administrative operations
 List, deploy, delete and change applications and adapters
 Device management API
 Secured with basic authentication
 Role-based access
 XML and JSON payload
 Ant tasks for all administrative operations
 Same feature set as REST services
 ANT tasks defined in worklight-ant-deployer.jar
 Supports SSL and password encryption in ant files
 Command Line Interface for all administrative operations
 Command line version of ant tasks

Examples of REST API, ANT tasks, and CLI
REST services
• Get all applications or post a new one
/management-apis/1.0/runtimes/{runtime-name}/applications
• Get or delete an application
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}
• Retrieve or delete an adapter
/management-apis/1.0/runtimes/{runtime-name}/adapters/{adapter-name}
• Lock an application version
/management-apis/1.0/runtimes/{runtime-name}/applications/{app
name}/{environment}/{version}/accessRule
Ant tasks
• <wladm url=... user=... password=...|passwordfile=... [secure=...]>
• <list-apps runtime=... />
• <delete-app-version runtime=... name=... environment=... version=... />
• <deploy-adapter runtime=... file=... />
• </wladm>
Command Line interface
• wladm --url= --user= ... [--passwordfile=...] lists apps [runtime-name]
• wladm --url= --user= ... [--passwordfile=...] delete app version [runtime-name] app-name environment
version
• wladm --url= --user= ... [--passwordfile=...] deploy adapter [runtime-name] filename.adapter

Worklight Console and CLI secured by default
 Standard JEE security is used in the
console and CLI tools
 Login / Logout from the console out of
the box
 Role based access to the console
 Simplified connection to user
repositories
 Use standard role mapping in WAS
console , Liberty , Tomcat

Role based access to administration tasks
Role Description
monitor
Ability to view the deployed Worklight
projects and the deployed artifacts,
this role is a read-only role
operator
Can do all mobile application
management operations but cannot
add or remove application versions or
adapters.
deployer
same role as operator but can also
deploy apps and adapters.
administrator
Ability to do all application
management operations including the
ability to add new versions of
applications and add and remove
adapters. The app administrator can
also configure more information on the
application itself such as runtime
specific settings such as SMS proxy
configuration.

Disable a mobile app using the Worklight Console
Remote Disable: Deny access to an app of a specific version on a
specific environment
• Ensure users use the latest security fixes
• Avoid using previously installed old versions that are no longer
supported

Direct Update for mobile apps on the device
App Store
Worklight
Server
Native Shell
Pre-packaged
resources
Download
Check for
updates
Web
3
resources
Update web
resource
Transfer
Cached
resources
1
2
4
1. Web resources packaged with app to ensure initial offline availability
2. Web resources transferred to app's cache storage
3. App checks for updates on startup and foreground events
4. Updated web resources downloaded when necessary, with user
confirmation or silently

Enhancements to Direct Update in Worklight Foundation 6.2
 Direct Update is now integrated into the Worklight Server security framework and
exposes a client-side API for better control and customization:
 Control when to invoke Direct Update
• perSession, perRequest, or custom
• Disable Direct Update for an app
 Replace the default behavior and UI with a branded one
Description JavaScript
Direct update events listener
class name
WLDirectUpdateListener
Invoked by WL framework once
direct update has started
onStart(statusJSON)
invoked by WL framework once
HTTP chunk has been
downloaded
onProgress(statusJSON)
invoked by WL framework once
direct update has finished (with
either success/failure)
onFinish(statusJSON)
STARTED
DOWNLOAD_IN_PROGRESS
UNZIP_IN_PROGRESS
SUCCESS
FAILURE_NETWORK_PROBLEM
FAILURE_DOWNLOADING
FAILURE_NOT_ENOUGH_SPACE
FAILURE_UNZIPPING
FAILURE_ALREADY_IN_PROGRESS
FAILURE_UNKNOWN

Remote-controlled client-side log collection
 Worklight provides Native and JavaScript API for client-side logging
 Administrator defines log collection profiles on the server which are automatically retrieved
by the Worklight client-side runtime
 By default sent on init, resume, and 75% full – can be customized
 Administrator can perform analysis and text search of client-side logs via server-side
analytics console

Unified Client and Server Analytics
 Out-of-the-box analytics address the following:
 User adoption, device and app properties
 User actions and called adapter procedures
 Performance and data usage information
 Exceptions, crashes, logs, response time
 Geolocation data
 Analytics component now provided in a WAR for simple install and administration

Service integration analytics
 Robust analytics for adapter usage including average response time, average data usage,
and server usage statistics

Server and Client log inspection made easy
 Worklight Analytics Console enables easy searching of both client and server logs

Agenda
⑤ Summary

IBM Worklight Key Differentiators
• Tooling for HTML 5 development and device adaptation
• Application lifecycle management of HTML5 artifacts
• Leveraging de-facto standards to provide added value for developers
Standards-based
• Native / hybrid / web
• Full coverage of the hybrid spectrum
• Leverage any 3rd Party JavaScript Framework: More Choice!
Flexibility and choice
• For developers: easy learning curve, small number of programming
models, JS anywhere, small footprint
• Collaborative development
• Quick and Easy Installation and deployment
Consumability
• Flexible security model
• Portfolio integration
• Advanced in-app security features
Security
• IBM products already leveraging Worklight as a mobile standard
• Starting to build a catalog for third-party APIs
• MobileFirst Solutions for Testing, Team Dev, Analytics, Security and
Mgmt
Ecosystem

Three Ways to Get Started with IBM
1 Download the free IBM Worklight
Developer Edition: ibm.co/worklightde
2
Talk with your IBM representative or Business
Partner to find the right next step for you 3 Learn more at www.ibm.com/mobile-enterprise
Interact with us @ibmmobile and #ibmmobile

http://www.ibm.com/developerworks/mobile/worklight
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have
the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM
software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities
referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature
availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines
Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

IBM Worklight for Digital Agencies

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to IBM Worklight for Digital Agencies

Similar to IBM Worklight for Digital Agencies (20)

Recently uploaded

Recently uploaded (20)

IBM Worklight for Digital Agencies