将cookie附加到WorkLight

将cookie附加到WorkLight

本文介绍了将cookie附加到WorkLight Adapter响应头的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用WorkLight 5.0.6开发移动应用程序,我想在适配器返回的响应中附加安全cookie。

I am developing a mobile app using WorkLight 5.0.6 and I would like to attach a secure cookie to the response returned by an adapter.

我们没有使用WorkLight身份验证领域,因为我们不希望将会话绑定到群集生产环境中的特定WL服务器。我们通过调用登录适配器来验证会话,该适配器根据后端系统验证用户详细信息。作为来自登录适配器调用的响应的一部分,我想创建一个包含经过身份验证的信息的安全cookie(仅限http),并将其附加到从登录适配器返回的响应中。 cookie也应该包含在从应用程序调用服务器的后续适配器的标题中。

We are not using a WorkLight Authentication realm because we do not wish to "bind" the session to a specific WL server in a clustered production environment. We authenticate the session by calling a sign-on adapter which authenticates the user details against a back end system. As part of the response from the sign-on adapter call I would like to create a secure cookie (http only) containing the authenticated information and attach it to the response returned from the sign-on adapter. The cookie should also be included in the header for subsequent Adapter made from the application call to the server.

问候,

 Tom.


推荐答案

我建议尝试创建一个自定义的Worklight身份验证器与您的后端通信。可以在此处找到自定义验证器的文档:

I would suggest trying to create a custom Worklight authenticator that communicates with your backend. Documentation for a custom authenticator can be found here:

要回答您的问题,我将在不使用自定义身份验证器的情况下接触它:

To answer your question, here is how I would approach it without using a custom authenticator:


  • 使适配器调用从客户端进行身份验证

  var invocationData = {
          adapter : 'authenticationAdapter',
          procedure : 'authenticate',
          parameters : [username, password]
  };

  WL.Client.invokeProcedure(invocationData, {
      onSuccess : authSuccess,
      onFailure : authFailure
  });

}




  • 从客户端的响应中获取cookie并保存(我建议使用JSONStore保存,也可以加密保存的cookie)

  • function authSuccess(response){
        console.log("Auth Success");
        var myCookie = response.invocationResult.responseHeaders.CookieName
    
        // Save cookie somehow
    }
    





    • 在后续的适配器调用中,从客户端发送cookie以及每个请求

    • var mySecureCookie = getMyCookieFromLocalStorage();

      var mySecureCookie = getMyCookieFromLocalStorage();

        var invocationData = {
                adapter : 'protectedResourceAdapter',
                procedure : 'getResource',
                parameters : [mySecureCookie]
        };
      
        WL.Client.invokeProcedure(invocationData, {
            onSuccess : success,
            onFailure : failure
        });
      

      }




      • 在适配器上,在标题中设置cookie

        • On the adapter, set the cookie in the header

          函数getResource(secureCookie){

          function getResource(secureCookie) {

          // Secure cookie must be of the form:  "CookieName=cookievalue"
          
          var input = {
              method : 'get',
              returnedContentType : 'json',
              path : "/resource",
              headers: {"Cookie": secureCookie}
          };
          
          return WL.Server.invokeHttp(input);
          

          }

          这篇关于将cookie附加到WorkLight Adapter响应头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-19 18:02