Oh, I forgot to mention that you can use an inAppBrowser or ChildBrowser plugin with Phonegap/Cordova if you do not wish to create a custom login page.
After the user is successfully authenticated you need to redirect him/her to a page where you have a javascript listener that closes the browser. You should now have an sso2 cookie and can then access your backend system from your app.
We have done several such implementations (Often through the SAP portal)
If that is an interesting option I can provide you with some code snippets.