In recent years, an increasing number of applications have been designed to run on mobile devices. Applications running on a mobile device can be categorized as native applications or web applications. Native applications are stored locally on the mobile device and have binary code stored on the mobile device, whereas web applications have no binary code stored on the mobile device and work in a request/response model implemented via a web browser application on the mobile device. The mobile device executes the native application, although some native applications may utilize network communication to obtain related content. Actual execution of the web application, however, occurs on one or more servers with which the mobile device communicates through a network. For the web application, the web browser sends requests for some data/information to the external web application server using a URL. In response, the web application server sends back information, which the web browser displays on the screen of the mobile device.
A user of the mobile device often interacts with both native and web applications. An enterprise, such as an employer of the user, may provide both a native application and a web application. In order to secure data and company-confidential information, an enterprise needs to ensure that only authorized employees can access the enterprise applications. An enterprise typically requires employees to log in as the first step to access any enterprise application. In the mobile context, each enterprise application requires the user/employee to provide the respective application with the user's login credential. Separately logging on to each of multiple applications that require the same user login credential is tedious and inefficient.
Single sign-on (SSO) is an industry-standard mechanism widely used in desktop computing environments. The user logs into one desktop application first, and the same login credential is then used for accessing subsequent applications. Today an enterprise authentication system usually generates a session-token after it validates the user login credential. Applications need to have this session-token attached to all their server requests. If the server finds the token valid, it processes the request. Thus, users need to log in just once and get a session-token to use with all applications. However, SSO for desktop computing environments is not readily adaptable in the context of mobile devices that implement both native applications and web applications.
As noted, the interactions between client and server for a web application take place via a web browser, which is by its very nature isolated from other applications running on the device. Hence, native and web applications cannot readily share sign-on information among the various applications.
Hence, a need exists to allow the user to efficiently log on to different types of applications on a mobile device.