我们有一个HTTP适配器,其中包含一些声明如下的安全过程:
<wl:adapter name="PushAdapter" ...
.
.
<procedure name="submitNotification" securityTest="AdapterSecurityTest"/>
<procedure name="submitNotificationMass" securityTest="AdapterSecurityTest"/>
使用基于适配器的身份验证执行安全性测试,如下所示:
<securityTests>
<mobileSecurityTest name="AdapterSecurityTest">
<testUser realm="MyRealm"/>
<testDeviceId provisioningType="none"/>
</mobileSecurityTest>
</securityTests>
<realms>
<realm name="MyRealm" loginModule="NonValidatingLoginModule">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function">AuthenticationAdapter.onAuthRequired</parameter>
<parameter name="logout-function">AuthenticationAdapter.onLogout</parameter>
</realm>
</realms>
我们需要能够使用适配器调用服务在HTTP中调用适配器过程。使用调用服务,调用URL应如下所示:
http://<server>:<port>/<Context>/invoke?adapter=PushAdapter&procedure=submitNotification¶meters=[userId, notification text to be sent]
当过程安全性测试设置为“wl_unprotected”时,调用按预期工作。但是如果使用安全性测试,则调用将返回以下响应:
/*-secure-{"WL-Authentication-Failure":{"wl_remoteDisableRealm":{"reason":"Login Failed"}}}*/
问题是,我们如何使用调用服务进行身份验证?我们现在尝试设置授权HTTP标头。
谢谢
答案 0 :(得分:2)
我已按照该过程使用Worklight 6.2 Samples中的帮助基于适配器的身份验证实现。
第1步: 根据您的环境实际值
在标题中添加以下值 x-wl-app-details:{"applicationDetails":{"platformVersion":"6.2.0.00.20140613-0730","nativeVersion":""}}
x-wl-app-version:1.0
请求:http://x.x.x.x:10080/AdapterBasedAuth/apps/services/api/SingleStepAuth/common/init
响应:
/*-secure- {"challenges":{"wl_antiXSRFRealm":{"WL-Instance-Id":"gi1cqaqd3p89763l1amoklsq3u"}}}*/
第2步:
在标题中添加 WL-Instance-Id: gi1cqaqd3p89763l1amoklsq3u
请求:
http://xx.xx.xx.xx:10080/AdapterBasedAuth/apps/services/api/SingleStepAuth/common/query?adapter=SingleStepAuthAdapter&procedure=submitAuthentication¶meters=['worklight','worklight']
响应:
/*-secure-
{"isSuccessful":true,"WL-Authentication-Success":{"SingleStepAuthRealm":{"userId":"worklight","isUserAuthenticated":1,"attributes":{"foo":"bar"},"displayName":"worklight"},"wl_antiXSRFRealm":{"userId":"j136h3aus2v1vlbjr860mmossc","attributes":{},"isUserAuthenticated":1,"displayName":"j136h3aus2v1vlbjr860mmossc"},"wl_anonymousUserRealm":{"userId":"747809a4-3574-4958-a55a-f084b2c9f02c","attributes":{},"isUserAuthenticated":1,"displayName":"747809a4-3574-4958-a55a-f084b2c9f02c"}},"authRequired":false}*/
第3步:
添加授权标头和先前回复中的值
"SingleStepAuthRealm":{"userId":"worklight","isUserAuthenticated":1,"attributes":{"foo":"bar"},"displayName":"worklight"}
请求:http://xx.xx.xx.xx:10080/AdapterBasedAuth/apps/services/api/SingleStepAuth/common/query?adapter=SingleStepAuthAdapter&procedure=getSecretData
响应:
/*-secure-
{"isSuccessful":true,"secretData":"A very very very very secret data"}*/
要了解有关此流程的更多信息,请按照此IBM Community Blog。
进行操作我相信你正在寻找的东西。