1

I'm finding the documentation for authentication extremely confusing.

What I'd like to do is to have the very first page in my mobile application be a login page. Here I would like the user to enter their username and password and then I use that to authenticate to the server. I don't want to authenticate against an adapter but rather against the application.

I thought if I put a test against the common code in the application-descriptor.xml file like this <common securityTest="BasicAuthTest"/> I could protect the app.

In the authenticationConfig.xml I have

    <mobileSecurityTest name="BasicAuthTest">
        <testAppAuthenticity/> 
        <testDeviceId provisioningType="none" />
        <testUser realm="SampleAppRealm" />
    </mobileSecurityTest>

and also in the realms section

<realm name="SampleAppRealm" loginModule="StrongDummy">
    <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>

and finally in the loginModules section

<loginModule name="StrongDummy">
    <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>

However I get the error

{"WL-Authentication-Failure":{"wl_authenticityRealm":{"reason":"missing shared data required for authenticity test"}}}

I don't know what this missing shared data is. Can anyone enlighten me please?

ps I'm running Worklight v6.0.0.1 Enterprise edition and I have pointed my WL Studio to my WL server that I am running on top of a WebSphere Liberty server v8.5.5

If anyone can point me at a good tutorial for this other than the stuff in the Getting Started that would be great.

4

1 回答 1

1
  1. 应用程序真实性您要完成的任务(应用程序启动时的登录表单)完全无关;应用程序身份验证发生在应用程序初始化期间,因为它在其会话中首次尝试连接到 Worklight Server,然后在客户端进行任何身份验证。
  2. App Authenticity 仅适用于 iOS 和 Android。
  3. 安全测试概念的详细解释。我建议彻底阅读它。
  4. 该错误消息是由于 App Authenticity 设置不完整;从错误中我猜您正在尝试在 Android 设备上使用您的应用程序;请阅读上面 1 中链接的材料,了解如何正确设置 App Authenticity。

至于您的身份验证方法,您可以只使用基于表单的身份验证。入门培训模块在指导您如何操作方面做得很好(您必须从身份验证概念培训模块开始)。

首先按照上面 1 中的指南解决您的应用程序真实性问题。

于 2013-10-21T07:16:08.033 回答