Thursday, January 24, 2013

Add a custom Tab/App to your Facebook Page

Lately we got the task to create a custom Facebook Fan page for our network. It should contain the most important facts about us and be always up to date. Actually nobody in our company has really the time to deal with a fan page, so we had to include our old homepage or at least parts of it. This is possible using custom tabs, which is not really difficult, but as I guess I will need it more often now I want to share my process in a few steps.

Before starting with the tutorial you'll need to create a Facebook page, then you can start with the following steps which show you how to add a tab to your facebook page
  1. Create a Webpage that contains the content you'd like to display on your custom tab
  2. Ensure that this page is accessible under http and https (Facebook requirement)
  3. Go to
  4. Create a new App; set the Name, contact email, ...
  5. On the App's detail page there is a section called "Select how your app integrates with Facebook"; Open the "Page Tab" and put the Pages name and the two addresses (http and https) (*)
  6. Go to (exchange XYZ with your actual AppID) and select to which of your Facebook pages you want to add the new Tab-App
  7. Go to the Facebook page and watch your result
(*) We noticed that the URLs are not allowed to contain commas or semicolon, so you need to encode them first ("," = %2C and ";" = %3B)

The best and shortest tutorial I could find on this topic was the following Youtube video

Thursday, January 10, 2013

CAS - Login from iOS

The CAS system is designed in a way that the administrator of the server needs to provide a list of services (URLs) that are allowed to use the CAS. This means, that by login in you'll get a TicketGrantingTicket (TGT) which can then be used to create ServiceTickets (ST) to authenticate to a specific service.

This causes some problems when you try to authenticate an APP on a cellular phone which usually does not have a fixed name or IP which could be registered on the CAS server. However, CAS offers the possibility to allow the generation of TGT and ST via a RESTful interface.

As you have probably seen in my previous posts our CAS comes with a set of customisations to fit into our needs of which the integration of a login-domain is probably the most complicated. Introducing such a new, third field for the authentication causes changes throughout the code and as it is needed now to generate TGTs and STs it needs to be implemented in the RESTful interface as well (see my link above for details)

The general usage of CAS's RESTful interface is stated in the CAS documentation, so I'm not going to copy it to this blog, but the interesting thing is its implementation into an iOS application which is not present there.

The general idea on how it can be done comes of course from the CAS documentation and by adapting this article about how to connect Drupal, CAS and iOS. My solution is partially copied from there introducing a newer more powerful API for consuming the RESTful WS and our new Domain field.

Actually the project does just the creation of the TGT and an ST for a sample service and returns the result after executing the "serviceValidate". This means that after this step we know on the iOS-APP exactly who logged in and all other attributes that are provided by the CAS.

What's still missing is a general solution on how this iOS-APP could authenticate itself now to an arbitrary web server like DRUPAL in the post stated above.

The sample project is hosted on github