Worklight:两个适配器的安全测试相互冲突

时间:2014-06-06 16:12:00

标签: security adapter ibm-mobilefirst

我一直在为适配器进行两项安全测试。

其中一项安全测试是查看用户是否为管理员

第二项安全测试是查看用户是否为项目经理。

这两种角色都有不同的访问权限,需要单独处理。

所以我在 authenticationConfiguration.xml 中定义了两个安全测试。

对于这两个安全测试,我已经在移动应用程序的 JavaScript 中分别创建了领域(realm)处理程序。

所有代码都在下面。

问题:

  

如果调用需要安全检查的过程,就会触发安全领域(realm)。但只有最先加载的那个安全测试会继续完成验证,另一个安全测试甚至收不到质询(challenge)。

     

有人可以告诉我为什么两个安全测试都会被调用,以及如何确保只调用与适配器对应的那个安全测试吗?两个安全测试都是单步认证。

    <!-- Two single-step custom security tests. Each one lists exactly one realm:
         Admin-securityTest lists AdminAuthRealm and PM-securityTest lists PMAuthRealm.
         Both steps set isInternalUserID="true".
         NOTE(review): the tests only select which realm is challenged; what the
         authenticated identity is allowed to do (admin vs. project manager) has to be
         enforced by the adapter code, which is not shown here. -->
    <securityTests>
    <customSecurityTest name="Admin-securityTest">
        <test isInternalUserID="true" realm="AdminAuthRealm"/>
    </customSecurityTest>
    <customSecurityTest name="PM-securityTest">
        <test isInternalUserID="true" realm="PMAuthRealm"/>
    </customSecurityTest>
</securityTests>

<!-- Both realms use the AdapterAuthenticator class and the same login module
     (AuthLoginModule). They differ only in which adapter supplies the login and
     logout functions: AdminAdapter for AdminAuthRealm, ProjectAdapter for PMAuthRealm.
     NOTE(review): the challenge payload is whatever each adapter's onAuthRequired
     returns (not shown). If both adapters return the same payload shape, the client
     cannot tell from the payload alone which realm issued the challenge; confirm the
     payloads carry a realm-specific field. -->
<realms>


    <realm loginModule="AuthLoginModule" name="AdminAuthRealm">
        <className>com.worklight.integration.auth.AdapterAuthenticator</className>
        <parameter name="login-function" value="AdminAdapter.onAuthRequired"/>
        <parameter name="logout-function" value="AdminAdapter.onLogout"/>
    </realm>
     <realm loginModule="AuthLoginModule" name="PMAuthRealm">
        <className>com.worklight.integration.auth.AdapterAuthenticator</className>
        <parameter name="login-function" value="ProjectAdapter.onAuthRequired"/>
        <parameter name="logout-function" value="ProjectAdapter.onLogout"/>
    </realm>
</realms>

<!-- Single login module shared by both realms above.
     NOTE(review): NonValidatingLoginModule does not check credentials itself, so with
     this configuration the adapters' submitAuthentication procedures (not shown) are
     the only place where the claimed identity and role can be verified. Confirm they
     validate against a server-side source instead of trusting client-sent values. -->
<loginModules>    

    <loginModule name="AuthLoginModule">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule>
</loginModules> 

AdminAdapter

    <!-- submitAuthentication carries no securityTest attribute, so it is callable
         before the caller is authenticated; the client on this page invokes it to
         answer the challenge. getUsers is protected by Admin-securityTest.
         NOTE(review): because submitAuthentication is reachable unauthenticated, it
         must treat every parameter as untrusted input. -->
    <procedure name="submitAuthentication"/>
<procedure name="getUsers" securityTest="Admin-securityTest"/>

PMAdapter

    <!-- submitAuthentication carries no securityTest attribute; updateProject is
         protected by PM-securityTest.
         NOTE(review): this listing is labelled PMAdapter, while the PMAuthRealm
         configuration and the client code on this page refer to "ProjectAdapter".
         Confirm the adapter's real name matches those references. -->
    <procedure name="submitAuthentication"/>
<procedure name="updateProject" securityTest="PM-securityTest"/>

AdminRealmHandler

// Client-side challenge handler registered for the AdminAuthRealm realm.
var AdminAuthRealmChallengeHandler = WL.Client.createChallengeHandler("AdminAuthRealm");

/**
 * Reports whether a server response is a challenge this handler claims.
 *
 * A response is claimed when it has a JSON body, a non-null responseText and an
 * `authRequired` property of any value.
 *
 * NOTE(review): the PMAuthRealm handler on this page claims responses by the same
 * `authRequired` marker. Presumably each response is offered to the registered
 * handlers in turn, so two handlers with an identical test cannot separate the
 * realms. A realm-specific field in the adapter's challenge payload, checked
 * here, would be needed; the adapter code is not shown, so confirm there.
 *
 * @param {object} response - response object passed in by the Worklight client.
 * @returns {boolean} true when the response carries an `authRequired` field.
 */
AdminAuthRealmChallengeHandler.isCustomResponse = function (response) {
    console.log("ADMIN AUTH");
    // NOTE(review): this dumps the whole response, including any challenge or
    // identity data, to the console; consider dropping it outside of debugging.
    console.log(response);

    var hasJsonBody = Boolean(response) &&
        Boolean(response.responseJSON) &&
        response.responseText !== null;
    if (!hasJsonBody) {
        console.log("is costumresponse false 1 No json");
        return false;
    }

    var isChallenge = typeof response.responseJSON.authRequired !== 'undefined';
    console.log(isChallenge
        ? "is costumresponse true needs auth"
        : "is costumresponse false 2 else");
    return isChallenge;
};

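/**
 * Answers an AdminAuthRealm challenge.
 *
 * - authRequired true with an error message: reports failure.
 * - authRequired true without an error message: submits the identity values to
 *   AdminAdapter.submitAuthentication.
 * - authRequired false: reports success.
 *
 * Fix over the previous version: a challenge whose `errorMessage` field is
 * absent (undefined) was treated as an error, because only `!== null` was
 * tested. The PMAuthRealm handler on this page already treats undefined as
 * "no error"; this handler now does the same.
 *
 * `userId`, `email` and `connectionsUid` are free variables expected to be
 * defined elsewhere in the application.
 * NOTE(review): these values come from the client, and the realm's login module
 * on this page is NonValidatingLoginModule, so the server-side
 * submitAuthentication procedure (not shown) has to verify them before granting
 * the admin identity. Confirm that it does.
 *
 * @param {object} response - challenge response; `responseJSON` must be present.
 */
AdminAuthRealmChallengeHandler.handleChallenge = function (response) {
    var challenge = response.responseJSON;
    var authRequired = challenge.authRequired;

    // Loose comparison is kept so a numeric 1/0 flag still matches, as before.
    if (authRequired == true) {
        // `!= null` is false for both null and undefined.
        if (challenge.errorMessage != null) {
            AdminAuthRealmChallengeHandler.submitFailure();
            return;
        }

        var invocationData = {
            adapter: "AdminAdapter",
            procedure: "submitAuthentication",
            parameters: [userId, email, connectionsUid]
        };
        AdminAuthRealmChallengeHandler.submitAdapterAuthentication(invocationData, {});
    } else if (authRequired == false) {
        AdminAuthRealmChallengeHandler.submitSuccess();
    }
};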

ProjectRealmHandler

// Client-side challenge handler registered for the PMAuthRealm realm.
var PMAdminAuthRealmChallengeHandler = WL.Client.createChallengeHandler("PMAuthRealm");

/**
 * Reports whether a server response is a challenge this handler claims.
 *
 * A response is claimed when it has a JSON body, a non-null responseText and an
 * `authRequired` property of any value.
 *
 * NOTE(review): the AdminAuthRealm handler on this page uses the same
 * `authRequired` marker, so the two handlers cannot tell their challenges apart
 * from this test alone. A realm-specific field in the adapter's challenge
 * payload would be needed; the adapter code is not shown, so confirm there.
 *
 * @param {object} response - response object passed in by the Worklight client.
 * @returns {boolean} true when the response carries an `authRequired` field.
 */
PMAdminAuthRealmChallengeHandler.isCustomResponse = function (response) {
    // NOTE(review): this dumps the whole response to the console; consider
    // dropping it outside of debugging.
    console.log(response);

    var hasJsonBody = Boolean(response) &&
        Boolean(response.responseJSON) &&
        response.responseText !== null;
    if (!hasJsonBody) {
        return false;
    }

    return typeof response.responseJSON.authRequired !== 'undefined';
};

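/**
 * Answers a PMAuthRealm challenge.
 *
 * - Any response with an error message (neither null nor undefined): reports
 *   failure and stops.
 * - authRequired true without an error message: submits the identity values to
 *   ProjectAdapter.submitAuthentication.
 * - authRequired false without an error message: reports success.
 *
 * Fixes over the previous version:
 * - The first error check did not return, so a response with an error message
 *   could trigger submitFailure twice, or submitFailure followed by
 *   submitSuccess when authRequired was false.
 * - The inner check used only `!== null`, so an absent errorMessage was treated
 *   as an error although the first check treated it as "no error".
 *
 * `userId`, `email` and `connectionsUid` are free variables expected to be
 * defined elsewhere in the application.
 * NOTE(review): these values come from the client, and the realm's login module
 * on this page is NonValidatingLoginModule, so the server-side
 * submitAuthentication procedure (not shown) has to verify them before granting
 * the project-manager identity. Confirm that it does.
 *
 * @param {object} response - challenge response; `responseJSON` must be present.
 */
PMAdminAuthRealmChallengeHandler.handleChallenge = function (response) {
    var challenge = response.responseJSON;
    var authRequired = challenge.authRequired;
    // NOTE(review): this dumps the whole response to the console; consider
    // dropping it outside of debugging.
    console.log(response);

    // `!= null` is false for both null and undefined. Exactly one outcome is
    // reported per challenge, so an error can never be followed by a success.
    if (challenge.errorMessage != null) {
        PMAdminAuthRealmChallengeHandler.submitFailure();
        return;
    }

    // Loose comparison is kept so a numeric 1/0 flag still matches, as before.
    if (authRequired == true) {
        var invocationDataPM = {
            adapter: "ProjectAdapter",
            procedure: "submitAuthentication",
            parameters: [userId, email, connectionsUid]
        };
        PMAdminAuthRealmChallengeHandler.submitAdapterAuthentication(invocationDataPM, {});
    } else if (authRequired == false) {
        PMAdminAuthRealmChallengeHandler.submitSuccess();
    }
};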

1 个答案:

答案 0 :(得分:0)

我认为您不能对一次身份验证使用两个不同的安全测试。但您可以在同一个自定义安全测试中使用两个领域(realm),并指定它们的检查顺序。请阅读此文档(document)的第 23 页。