我的理解是worklight提供的身份验证机制是基于按需的 - 当您访问某些受保护资源时,将调用客户端ChallengeHandler。
但是,我们遇到了一个非常奇怪的情况 - 只要客户端调用WLClient :: connect方法,就会调用Challenge Handler。我们甚至没有开始调用适配器方法。
认证-config.xml中
<?xml version="1.0" encoding="UTF-8"?>
<tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- Licensed Materials - Property of IBM 5725-I43 (C) Copyright IBM Corp.
2006, 2013. All Rights Reserved. US Government Users Restricted Rights -
Use, duplication or disclosure restricted by GSA ADP Schedule Contract with
IBM Corp. -->
<securityTests>
<mobileSecurityTest name="UserAuthSecurityTest">
<testUser realm="UserAuthRealm" />
</mobileSecurityTest>
<mobileSecurityTest name="PushNotificationSecurityTest">
<testUser realm="UserAuthRealm" />
<testDeviceId provisioningType="none" />
</mobileSecurityTest>
</securityTests>
<realms>
<realm loginModule="AuthLoginModule" name="UserAuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="UserAuthAdapter.onAuthRequired" />
<parameter name="logout-function" value="UserAuthAdapter.onLogout" />
</realm>
</realms>
<loginModules>
<loginModule name="AuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
</tns:loginConfiguration>
应用descriptor.xml
<android securityTest="PushNotificationSecurityTest" version="3.0.1">
<worklightSettings include="false"/>
<pushSender key="..." senderId="..."/>
<security>
<encryptWebResources enabled="false"/>
<testWebResourcesChecksum enabled="false" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
<publicSigningKey>........</publicSigningKey>
</security>
</android>
答案 0 :(得分:1)
您是否在application-descriptor.xml中的环境中设置了securityTest?如果你有,这将解释它。
在application-descriptor.xml中的环境中声明的安全测试将在应用程序启动时触发身份验证。