以下是我正在使用的代码
function createUser(realm, userid, displayName, sessionToken, devicePrint){
var userIdentity = {
'userId' : userid,
'displayName' : displayName,
attributes: {
'credentials' : sessionToken,
'authenticatedDate' : new Date(),
'devicePrint' : devicePrint
}
};
LOG.info("Realm = " + realm + "\n UserIdentity = " + JSON.stringify(userIdentity));
WL.Server.setActiveUser(realm, null);
WL.Server.setActiveUser(realm, userIdentity);
var user = WL.Server.getActiveUser(realm);
LOG.info("User = " + JSON.stringify(user));
}
当我调用WL.Server.setActiveUser(realm,userIdentity)时,一切看起来都很好; (参数都填充并且看起来正确)。在我在同一个精确域上调用WL.Server.getActiveUser之后,它立即返回null。
我怀疑会话独立模式,但我已确认它已设置为false。
mfp.session.independent=false
mfp.attrStore.type=httpsession
这是我的程序XML配置(调用createUser()函数的过程)
<procedure name="validateUserId" securityTest="wl_unprotected">
<displayName>Validate UserID</displayName>
</procedure>
还有什么呢?
编辑: authenticationConfig.xml
<realms>
<!-- Realm used once authentication completes -->
<realm loginModule="CustomMFALoginModule" name="CustomMFAAuthenticatorRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AuthAdapter.onAuthRequired"/>
<parameter name="logout-function" value="AuthAdapter.logout"/>
</realm>
<!-- Realm used on validate user and challenge calls from MFA -->
<realm loginModule="CustomMFAInitLoginModule" name="CustomMFAAuthenticatorInitRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AuthAdapter.onAuthRequired"/>
<parameter name="logout-function" value="AuthAdapter.logout"/>
</realm>
<realm loginModule="StrongDummy" name="SampleAppRealm">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
<realm loginModule="rejectAll" name="SubscribeServlet">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm>
</realms>
<loginModules>
<loginModule expirationInSeconds="-1" name="CustomMFALoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule expirationInSeconds="-1" name="CustomMFAInitLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule expirationInSeconds="-1" name="StrongDummy">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule expirationInSeconds="-1" name="requireLogin">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
</loginModule>
<loginModule expirationInSeconds="-1" name="rejectAll">
<className>com.worklight.core.auth.ext.RejectingLoginModule</className>
</loginModule>
</loginModules>
SecurityTests
<securityTests>
<customSecurityTest name="MFAAuthenticated-securityTest">
<test realm="wl_authenticityRealm" step="1"/>
<test isInternalUserID="true" realm="CustomMFAAuthenticatorRealm" step="1"/>
</customSecurityTest>
<customSecurityTest name="SubscribeServlet">
<test isInternalUserID="true" realm="SubscribeServlet"/>
</customSecurityTest>
</securityTests>
答案 0 :(得分:0)
那么,您是否可以尝试从修复中心http://www-01.ibm.com/support/docview.wss?uid=swg2C7000003下载最新的MFP。
希望这将是修复,否则你应该作为PMR(支持票)处理。打开PMR后,请在问题中提及其编号。
<强>更新
用于会话独立模式,
mfp.session.independent=false
mfp.attrStore.type=httpsession
浏览器无法更好地使用桌面浏览器进行测试
另一件事是,要进行测试,您需要使用模拟器/模拟器或物理设备。