我正在遵循有关在https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-0/authentication-security/adapter-based-authentication/上实现基于适配器的身份验证的教程isCustomReponse
方法总是返回false,因为“ authRequired”不在响应中。如果我做错任何事情,请帮助我。
适配器代码
function onAuthRequired(headers, errorMessage){
errorMessage = errorMessage ? errorMessage : null;
return {
authRequired: true,
errorMessage: errorMessage
};
}
function submitAuthentication(username, password){
// if (username==="user" && password === "user"){
var userIdentity = {
userId: username,
displayName: username,
attributes: {
foo: "bar"
}
};
WL.Server.setActiveUser("SingleStepAuthRealm", userIdentity);
return {
authRequired: false
};
// }
// return onAuthRequired(null, "Invalid login credentials");
}
function onLogout(){
WL.Logger.debug("Logged out");
}
AuthenticationConfig.xml
<?xml version="1.0" encoding="UTF-8"?>
<tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- Licensed Materials - Property of IBM
5725-I43 (C) Copyright IBM Corp. 2006, 2013. All Rights Reserved.
US Government Users Restricted Rights - Use, duplication or
disclosure restricted by GSA ADP Schedule Contract with IBM Corp. -->
<staticResources>
<!--
<resource id="logUploadServlet" securityTest="LogUploadServlet">
<urlPatterns>/apps/services/loguploader*</urlPatterns>
</resource>
-->
<resource id="subscribeServlet" securityTest="SubscribeServlet">
<urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
</resource>
</staticResources>
<securityTests>
<customSecurityTest name="SubscribeServlet">
<test realm="SubscribeServlet" isInternalUserID="true"/>
</customSecurityTest>
<customSecurityTest name="SingleStepAuthAdapter-securityTest">
<test isInternalUserID="true" realm="SingleStepAuthRealm"/>
</customSecurityTest>
</securityTests>
<realms>
<realm loginModule="AuthLoginModule" name="SingleStepAuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="SingleStepAuthAdapter.onAuthRequired"/>
<parameter name="logout-function" value="SingleStepAuthAdapter.onLogout"/>
</realm>
<realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
<realm name="SubscribeServlet" loginModule="rejectAll">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm>
</realms>
<loginModules>
<loginModule name="AuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="StrongDummy" expirationInSeconds="-1">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="requireLogin" expirationInSeconds="-1">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
</loginModule>
<loginModule name="rejectAll">
<className>com.worklight.core.auth.ext.RejectingLoginModule</className>
</loginModule>
</loginModules>
</tns:loginConfiguration>
Android代码
public void IBMPushNotification() {
try {
client.registerChallengeHandler(newLoginChallengeHandler(realm,"test"));
client.connect(new MyConnectionListener());
} catch (Exception ex) {
ex.printStackTrace();
}
}
登录挑战处理程序
private LoginChallengeHandler challengeHandler;
private String realm = "SingleStepAuthRealm";
public class LoginChallengeHandler extends ChallengeHandler{
private String userName;
public LoginChallengeHandler(String realm,String user) {
super(realm);
userName = user;
}
@Override
public boolean isCustomResponse(WLResponse wlResponse) {
try {
if(wlResponse!= null && wlResponse.getResponseJSON()!=null &&
wlResponse.getResponseJSON().isNull("authRequired") != true &&
wlResponse.getResponseJSON().getBoolean("authRequired") == true){
return true;
}
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
@Override
public void handleChallenge(WLResponse wlResponse) {
submitLogin(userName,"dummy");
}
@Override
public void onSuccess(WLResponse wlResponse) {
if(isCustomResponse(wlResponse)) {
handleChallenge(wlResponse);
} else {
submitSuccess(wlResponse);
}
}
@Override
public void onFailure(WLFailResponse wlFailResponse) {
}
public void submitLogin(String userName, String password){
Object[] parameters = new Object[]{userName, password};
WLProcedureInvocationData invocationData = new WLProcedureInvocationData("SingleStepAuthAdapter", "submitAuthentication");
invocationData.setParameters(parameters);
WLRequestOptions options = new WLRequestOptions();
options.setTimeout(30000);
submitAdapterAuthentication(invocationData, options);
}
}
最佳答案
在没有设置authRequired的情况下,多次调用质询处理程序是很正常的-当不需要身份验证时,这只是正常的服务器响应。仅当您通过访问受保护的资源触发了身份验证过程时,才会显示authRequired有效负载,这又将导致安全子系统调用适配器的onAuthRequired方法。
我建议在您的onAuthRequired方法中添加一条跟踪语句,这将向您显示发生这种情况的时间。
正如Nathan H所说,最可能的原因是您没有访问受保护的资源,因为尚未将安全性测试应用于适配器过程或整个应用程序。在示例中,您正在使用的getSecretData()过程受到如此保护。