mobilefirst 7.1身份验证不起作用

时间:2016-03-01 09:04:52

标签: authentication ibm-mobilefirst mobilefirst-server

*编辑:IBM员工今天访问了我们,以便了解这个问题。 我们没有解决问题,但我们认为问题的根源是别的。所以我将重写问题描述。

由于appAuthenticityTest失败,服务器拒绝连接。所以现在我们禁用appAuthenticityTest来测试服务器配置。

但我们现在在日志中看到以下错误:

[3/4/16 16:12:06:529 CET] 000000a4 LoginContext  E com.worklight.core.auth.impl.LoginContext processRequest FWLSE0059E: Login into realm 'wl_authenticityLoginModule' failed. Missing app authenticity configuration parameters. [project mapruntime]
                                 com.worklight.gadgets.GadgetRuntimeException: Missing app authenticity configuration parameters
    at com.worklight.core.auth.ext.appauth.AuthenticityAuthenticatorImpl.processRequest(AuthenticityAuthenticatorImpl.java:82)
    at com.worklight.core.auth.ext.AuthenticityAuthenticator.processRequest(AuthenticityAuthenticator.java:79)
    at com.worklight.core.auth.impl.LoginContext.processRequest(LoginContext.java:212)
    at com.worklight.core.auth.impl.AuthenticationContext.checkAuthentication(AuthenticationContext.java:779)
    at com.worklight.core.auth.impl.AuthenticationContext.processRealms(AuthenticationContext.java:679)
    at com.worklight.core.auth.impl.AuthenticationContext.pushCurrentResource(AuthenticationContext.java:652)
    at com.worklight.core.auth.impl.AuthenticationServiceBean.accessResource(AuthenticationServiceBean.java:81)
    at com.worklight.core.auth.impl.AuthenticationFilter.doFilter(AuthenticationFilter.java:228)
    at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
    at com.worklight.analytics.AnalyticsFilter.doFilter(AnalyticsFilter.java:124)
    at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:967)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1107)
    at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3926)
    at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:304)
    at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1007)
    at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1817)
    at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:200)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:463)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:530)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:316)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:287)
    at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:1049)
    at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.readyInboundPostHandshake(SSLConnectionLink.java:717)
    at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyHandshakeCompletedCallback.complete(SSLConnectionLink.java:413)
    at com.ibm.ws.ssl.channel.impl.SSLUtils.handleHandshake(SSLUtils.java:1073)
    at com.ibm.ws.ssl.channel.impl.SSLHandshakeIOCallback.complete(SSLHandshakeIOCallback.java:87)
    at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
    at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
    at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
    at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
    at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
    at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
    at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
    at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1881)

[3/4/16 16:12:06:537 CET] 000000a4 LoginContext  E com.worklight.core.auth.impl.LoginContext processRequest FWLSE0117E: Error code: 4, error description: AUTHENTICATION_ERROR, error message: An error occurred while performing authentication using loginModule wl_authenticityLoginModule, User Identity Not available. [project mapruntime] [project mapruntime]

我的application-descriptor.xml包含:

<android securityTest="MAPCertLogin" version="1.0.4">
  <worklightSettings include="false"/>
  <pushSender key="**********" senderId="******"/>
  <compressWebResources enabled="true"/>
</android>
<common securityTest="MAPCertLogin"/>

我的authenticationConfig.xml:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <!-- Licensed Materials - Property of IBM
             5725-I43 (C) Copyright IBM Corp. 2006, 2013. All Rights Reserved.
             US Government Users Restricted Rights - Use, duplication or
             disclosure restricted by GSA ADP Schedule Contract with IBM Corp. -->
    <!---->
    <!--  Sample security tests  
         Even if not used there will be some default webSecurityTest and mobileSecurityTest 
         Attention: if using <testAppAuthenticity/> test below ,<publicSigningKey> element must be added to application-descriptor.xml as well. -->
    <securityTests>
        <mobileSecurityTest name="MAPCertLogin">    
            <testUser realm="MAPLoginRealm"/>   
            <testDirectUpdate mode="perRequest"/>
            <testDeviceId provisioningType="custom" realm="MAPLoginRealm"/>
            <!--  testAppAuthenticity  -->
        </mobileSecurityTest>
     <!--      
        <customSecurityTest name="PushSecurityTest">
            <test isInternalUserID="true" realm="MAPLoginRealm"/>
            <test isInternalDeviceID="true" realm="MAPLoginRealm" />
        </customSecurityTest>
        -->
    </securityTests>
    <realms>
        <realm loginModule="StrongDummy" name="SampleAppRealm">
            <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
        </realm>
        <realm loginModule="MAPLoginModule" name="MAPLoginRealm">
            <className>com.worklight.core.auth.ext.DeviceAutoProvisioningAuthenticator</className>
            <parameter name="validate-csr-function" value="Authenticator.validateCSR"/>
        </realm>
    </realms>
    <loginModules>
        <loginModule expirationInSeconds="-1" name="StrongDummy">
            <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
        </loginModule>
        <loginModule expirationInSeconds="-1" name="requireLogin">
            <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
        </loginModule>
        <loginModule expirationInSeconds="-1" name="MAPLoginModule">
            <className>com.worklight.core.auth.ext.DeviceAutoProvisioningLoginModule</className>
            <parameter name="validate-certificate-function" value="Authenticator.validateCertificate"/>
        </loginModule>
    </loginModules>
</tns:loginConfiguration>

为什么我们在禁用appAuthenticityTest时会收到“缺少app authenticity配置参数”错误?

此致 斯泰恩

1 个答案:

答案 0 :(得分:0)

我认为发生此错误是因为您还尝试实施自定义设备配置,但​​设备配置需要真实性...因此要么根据应用程序真实性教程修复您的真实性设置,要么也删除设备配置定义。

相关问题
最新问题