在Enterprise Worklight服务器中部署Worklight(v6.2.0.01)应用程序后,我遇到了以下问题。该问题仅适用于移动网络应用环境。
值得注意的是,同一环境中的相同应用程序在本地开发服务器(也基于Worklight 6.2.0.01)中运行良好。
控制台错误:
[Error] unknown challenge arrived, cannot process realm wl_deviceNoProvisioningRealm challenge.
__log (worklight.js, line 4879)
(anonymous function) (worklight.js, line 5237)
executeChallenge (worklight.js, line 8783)
checkResponseForChallenges (worklight.js, line 8692)
onWlFailure (worklight.js, line 3411)
(anonymous function) (worklight.js, line 950)
respondToReadyState (worklight.js, line 1172)
onStateChange (worklight.js, line 1105)
(anonymous function) (worklight.js, line 950)
屏幕错误:
处理来自的请求时遇到错误 应用
authenticationConfig.xml:
<!-- Licensed Materials - Property of IBM
5725-I43 (C) Copyright IBM Corp. 2006, 2013. All Rights Reserved.
US Government Users Restricted Rights - Use, duplication or
disclosure restricted by GSA ADP Schedule Contract with IBM Corp. -->
<staticResources>
<resource id="subscribeServlet" securityTest="SubscribeServlet">
<urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
</resource>
</staticResources>
<securityTests>
<mobileSecurityTest name="SampleApp">
<testDeviceId provisioningType="none" />
<testUser realm="SampleAppRealm" />
<testDirectUpdate mode="perSession" />
</mobileSecurityTest>
<customSecurityTest name="SubscribeServlet">
<test realm="SubscribeServlet" isInternalUserID="true"/>
</customSecurityTest>
</securityTests>
<realms>
<realm loginModule="SampleAppLoginModule" name="SampleAppRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AuthenticationAdapter.onAuthRequired" />
<parameter name="logout-function" value="AuthenticationAdapter.onLogout" />
</realm>
<!-- <realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm> -->
<realm name="SubscribeServlet" loginModule="rejectAll">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm>
<!-- For client logger -->
<!-- <realm name="LogUploadServlet" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm -->
<!-- For websphere -->
<!-- realm name="WASLTPARealm" loginModule="WASLTPAModule">
<className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className>
<parameter name="login-page" value="/login.html"/>
<parameter name="error-page" value="/loginError.html"/>
</realm -->
<!-- For User Certificate Authentication -->
<!-- realm name="wl_userCertificateAuthRealm" loginModule="WLUserCertificateLoginModule">
<className>com.worklight.core.auth.ext.UserCertificateAuthenticator</className>
<parameter name="dependent-user-auth-realm" value="WASLTPARealm" />
<parameter name="pki-bridge-class" value="com.worklight.core.auth.ext.UserCertificateEmbeddedPKI" />
<parameter name="embedded-pki-bridge-ca-p12-file-path" value="/opt/ssl_ca/ca.p12"/>
<parameter name="embedded-pki-bridge-ca-p12-password" value="capassword" />
</realm -->
<!-- For Trusteer Fraud Detection -->
<!-- Requires acquiring Trusteer SDK -->
<!-- realm name="wl_basicTrusteerFraudDetectionRealm" loginModule="trusteerFraudDetectionLogin">
<className>com.worklight.core.auth.ext.TrusteerAuthenticator</className>
<parameter name="rooted-device" value="block"/>
<parameter name="device-with-malware" value="block"/>
<parameter name="rooted-hiders" value="block"/>
<parameter name="unsecured-wifi" value="alert"/>
<parameter name="outdated-configuration" value="alert"/>
</realm -->
</realms>
<loginModules>
<loginModule name="SampleAppModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<!-- <loginModule name="StrongDummy">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="requireLogin">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
</loginModule> -->
<loginModule name="rejectAll">
<className>com.worklight.core.auth.ext.RejectingLoginModule</className>
</loginModule>
<!-- Required for Trusteer - wl_basicTrusteerFraudDetectionRealm -->
<!-- loginModule name="trusteerFraudDetectionLogin">
<className>com.worklight.core.auth.ext.TrusteerLoginModule</className>
</loginModule-->
<!-- For websphere -->
<!-- loginModule name="WASLTPAModule">
<className>com.worklight.core.auth.ext.WebSphereLoginModule</className>
</loginModule -->
<!-- Login module for User Certificate Authentication -->
<!-- <loginModule name="WLUserCertificateLoginModule">
<className>com.worklight.core.auth.ext.UserCertificateLoginModule</className>
</loginModule> -->
<!-- For enabling SSO with no-provisioning device authentication -->
<!-- <loginModule name="MySSO" ssoDeviceLoginModule="WLDeviceNoProvisioningLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule> -->
<!-- For enabling SSO with auto-provisioning device authentication -->
<!-- <loginModule name="MySSO" ssoDeviceLoginModule="WLDeviceAutoProvisioningLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule> -->
</loginModules>
答案 0 :(得分:1)
您已经提到过您的应用程序在移动Web应用程序环境中使用。在此环境中,应用程序由Worklight Server提供,并使用操作系统的移动浏览器应用程序(移动Safari,移动Chrome等)进行显示。
您获得的错误中提到的wl_deviceNoProvisioningRealm测试是用于 only in hybrid and/or native applications - 而不是在移动网络应用程序中使用。
在您的情况下,您使用的是预定义的mobileSecurityTest。 wl_deviceNoProvisioningRealm的预定义安全测试 checks by default 。
虽然我不清楚为什么你会像你描述的那样得到这个错误,但我认为你应该做的是:
webSecurityTest,因为它不包含wl_deviceNoProvisioningRealm,适合 web 环境,例如适用于您的应用的环境...... 或者创建自定义安全测试。
如果您选择创建自定义安全测试,例如“myMobileWebAppEnv”,请确保不包含wl_deviceNoProvisioningRealm测试。然后,在application-descriptor.xml中,您将需要专门为移动Web应用程序环境元素应用它。
在此处详细了解安全测试:Understanding predefined Worklight authentication realms and security tests
答案 1 :(得分:0)
该问题与IBM有关,在提出PMR后,他们向我们提供了包含修复和额外32个修复的Eclipse更新。