0

我在我的应用程序中使用基于表单的身份验证和质询处理程序(示例代码)。问题是,它不是通过单击登录按钮来验证用户 - 我必须单击两次。为什么?

我已经保护了所有适配器功能。

我的挑战处理程序

var myAppRealmChallengeHandler = WL.Client.createChallengeHandler("myAppRealm");
myAppRealmChallengeHandler.isCustomResponse = function(response) {
     if (!response || response.responseText === null) {
        return false;
    }
    var indicatorIdx = response.responseText.search('j_security_check');
    WL.Logger.debug("indicatorIdx =" + indicatorIdx);
    if (indicatorIdx >= 0){ return true; }  
    return false; 
};
myAppRealmChallengeHandler.handleChallenge = function(response) {
    $.mobile.changePage("#landingPage" , { transition: "slide"});
    WL.Logger.debug("Login Again");
};

myAppRealmChallengeHandler.submitLoginFormCallback = function(response) {
    var isLoginFormResponse = myAppRealmChallengeHandler.isCustomResponse(response);
    WL.Logger.debug("submitLoginFormCallback " + isLoginFormResponse + " responseText " + response.responseText);
    if (isLoginFormResponse){
        myAppRealmChallengeHandler.handleChallenge(response);
    } else {
        myAppRealmChallengeHandler.submitSuccess();
    }
};
$('#logindone').bind('click', function () {
        var reqURL = '/j_security_check';
        var options = {};
            options.parameters = {
                j_username : $.trim($('#fldloginUserID').val().toLowerCase()),
                j_password : $.trim($('#fldloginUserPassword').val())
            };
            options.headers = {};
            myAppRealmChallengeHandler.submitLoginForm(reqURL, options, myAppRealmChallengeHandler.submitLoginFormCallback);
    processLogin();
});

身份验证配置.xml

<securityTests>
        <mobileSecurityTest name="myMobileSecurity">
            <testUser realm="myAppRealm"/>
            <testDeviceId provisioningType="none"/>
        </mobileSecurityTest>       
        <customSecurityTest name="PushApplication-custom-securityTest">                             
            <test isInternalUserID="true" realm="PushAppRealm"/>   
        </customSecurityTest>       
        <customSecurityTest name="myAppSecurityTestCustom">                             
            <test isInternalUserID="true" realm="myAppRealm"/>   
        </customSecurityTest>       
        <customSecurityTest name="WorklightConsole">
            <test realm="WorklightConsole" isInternalUserID="true"/>
        </customSecurityTest>
</securityTests>    
<realms>
        <realm loginModule="StrongRC" name="myAppRealm">
            <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
            <!--<parameter name="login-page" value="login.html"/>-->
        </realm>
        <realm loginModule="PushAppLoginModule" name="PushAppRealm">                                                
            <className>com.worklight.core.auth.ext.BasicAuthenticator</className>   
            <parameter name="basic-realm-name" value="PushAppRealm"/>                                                  
        </realm>
        <realm loginModule="Console" name="WorklightConsole">
            <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
            <onLoginUrl>/console</onLoginUrl>
        </realm>
</realms>
<loginModules>
         <loginModule name="PushAppLoginModule">
            <className>com.rc.services.RCAuthModule</className>
        </loginModule>      
        <loginModule name="StrongRC">
            <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
        </loginModule>      
        <loginModule name="Console">
            <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
        </loginModule>
</loginModules>

我的 processLogin() 函数

function processLogin(userid,password){ 
    var userid = $("#fldloginUserID").val();
    var password = $("#fldloginUserPassword").val();    
    WL.Logger.debug("Authenticating user credentials...");
    var invocationData = {  adapter: "LDAPAdapter", procedure: "ValidateUsers", parameters: [userid, password]};    
    WL.Client.invokeProcedure(invocationData, { 
        onSuccess: checkUserAccountStatus,  
        onFailure: function(){  hideBusyIndicator();
            showPopUp(msg_en.LoginFailed_MsgTitle , msg_en.LoginFailed_MsgDescription_2);
        } ,timeout : 30000  });
}

function checkUserAccountStatus(response){
    WL.Logger.debug("Checking user account status...");
    xmlDoc = $.parseXML(response.invocationResult.result);
    $xml = $( xmlDoc ); 
    if (!response ||!response.invocationResult || !response.invocationResult.result ||
            $xml.find("isUserValidated").text()=="false" ) { hideBusyIndicator();  
            showPopUp(msg_en.LoginFailed_MsgTitle, msg_en.LoginFailed_MsgDescription_2);
    else { getUserDetails(response.invocationResult.result); }  
}

function getUserDetails($xml){
 ...doing something over retrieved data from LDAP ,like saving in local var......
 ....
 ...then calling another adapter....
    if($xml.find("LDAPuserID").text() > 0){                 
            var invocationData = {adapter: "MQAdapter",procedure: "ListSummariesDetails", parameters: [$xml.find("LDAPuserID").text() ] };
            WL.Client.invokeProcedure(invocationData, {
                onSuccess: getSecretSuccessData_Callback,
                onFailure: function(){ hideBusyIndicator();
                    showPopUp(msg_en.SystemError_Title , msg_en.SystemError_Description);
                } ,timeout : 30000 });
        }   
}

function getSecretSuccessData_Callback(response){
...... now do something over retrived data
...let the user go in the main page of the App after login screen
    $.mobile.changePage("#mainPage" , { transition: "slide"});
}

ValidateUsersListSummariesDetails适配器函数使用上面给出的myAppSecurityTestCustom进行保护

4

3 回答 3

0

it looks like your login page (landingPage) is visible when the app starts, and that the first time logindone gets clicked, there is no authentication in progress (yet). This won't work the way you are expecting.

Make a different page the default page for your app. Take the call to processLogin() out of your click handler. I would also put the transition to mainPage in the success case of submitLoginFormCallback().

Now, put a call to WL.Client.login() in wlCommonInit(). (this will trigger authentication) Put the call to processLogin() in the success callback for the call to WL.Client.login()

于 2013-08-05T13:42:42.587 回答
0

This question was answered via a PMR the customer opened in IBM. They have since changed the implementation to using Adapter-based authentication as that is the authentication flow that fits their app structure. This question is somewhat outdated by now...

于 2013-11-26T19:48:58.983 回答
0

当我使用 IP 地址进行测试并且代码中存在 DNS 条目时,我遇到了这个问题,即我的 URL 是 mydomain.com 并且 IP 是 123.123.123.123 ,现在如果我使用 123.123.123.123 构建应用程序,我必须单击登录按钮两次。

我找到的解决方案是在我的主机/DNS 服务器中添加 mydomain.com,然后为 mydomain.com 构建应用程序。

非常适合我。

于 2013-11-26T10:02:16.703 回答