MobileFirst[GatewayChallengeHandler]:Android应用程序在尝试访问服务器资源时崩溃
我是Android平台的新手 我开始为Android编写MobileFirstPlatform 8应用程序,我需要使用反向代理对该应用程序进行身份验证。我开始关注这个博客 在执行Android应用程序时,当应用程序试图达到“/MFP/api/adapters/ResourceAdapter/balance”时,当MFP服务器返回“403禁止”后,Android应用程序崩溃 我检查了DataPower Cordova应用程序的行为,发现它工作正常MobileFirst[GatewayChallengeHandler]:Android应用程序在尝试访问服务器资源时崩溃,android,ibm-mobilefirst,Android,Ibm Mobilefirst,我是Android平台的新手 我开始为Android编写MobileFirstPlatform 8应用程序,我需要使用反向代理对该应用程序进行身份验证。我开始关注这个博客 在执行Android应用程序时,当应用程序试图达到“/MFP/api/adapters/ResourceAdapter/balance”时,当MFP服务器返回“403禁止”后,Android应用程序崩溃 我检查了DataPower Cordova应用程序的行为,发现它工作正常 cordova应用程序请求“/mfp/api/ad
09-08 02:13:28.376 3914-3945/com.sample.datapowerandroid E/com.worklight.common.Logger$UncaughtExceptionHandler: Logger$UncaughtExceptionHandler.uncaughtException in Logger.java:444 :: Uncaught Exception
java.lang.Error: Multiple values for 'WWW-Authenticate' header were detected
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:1328)
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:365)
at com.worklight.wlclient.api.WLResourceRequest.handleOnSuccess(WLResourceRequest.java:687)
at com.worklight.wlclient.api.WLResourceRequest.access$100(WLResourceRequest.java:65)
at com.worklight.wlclient.api.WLResourceRequest$1.onResponse(WLResourceRequest.java:596)
at com.squareup.okhttp.Call$AsyncCall.execute(Call.java:177)
at com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
普拉纳布 编辑1: 使用的反向代理:IBM Security Access Manager。 代理当前配置为让流量在应用程序和MFP服务器之间无缝流动 该应用程序仅更改为以正确的URL向代理提交表单响应。对默认应用程序的唯一其他更改是我已更改为15的MinSDK版本(不确定是否相关) 应用程序指向的是反向代理,而不是MFP。但在您查询后,我确实直接对MFP服务器进行了测试。当直接指向MFP服务器而中间没有ISAM时,我看到了不同的行为。应用程序没有崩溃,而是抛出消息“缺少安全检查的质询处理程序” 我已重新确认MFP服务器上的资源设置,并将其配置为调用LtpaBasedSSO安全检查,并将应用程序配置为处理来自MFP的质询。如果我检查MFP服务器和应用程序之间的数据(通过WireShark),我可以看到调用了正确的安全检查。但由于某些原因,Android应用程序可能会呕吐(当ISAM介于两者之间时)或抛出错误消息 编辑2:
public void submitLogin(String userName, String password){
HashMap<String, String> params = new HashMap<String, String>();
params.put("UserName", userName);
params.put("Password", password);
submitLoginForm("../../../../../../../pkmslogin.form", params, null, 0, "post");
}
09-12 01:31:24.732 26815-26923/com.sample.datapowerandroid E/AndroidRuntime: FATAL EXCEPTION: OkHttp Dispatcher
Process: com.sample.datapowerandroid, PID: 26815
java.lang.Error: Multiple values for 'WWW-Authenticate' header were detected
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:1328)
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:365)
at com.worklight.wlclient.api.WLResourceRequest.handleOnSuccess(WLResourceRequest.java:687)
at com.worklight.wlclient.api.WLResourceRequest.access$100(WLResourceRequest.java:65)
at com.worklight.wlclient.api.WLResourceRequest$1.onResponse(WLResourceRequest.java:596)
at com.squareup.okhttp.Call$AsyncCall.execute(Call.java:177)
at com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
HTTP/1.1 403 Forbidden
content-length: 0
date: Mon, 12 Sep 2016 04:51:56 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
www-authenticate: Bearer error="insufficient_scope"
www-authenticate: scope="accessRestricted"
x-powered-by: Servlet/3.1
MobileFirst服务器仅发送1个具有相同
WWW-AuthenticateWWW-Authenticate如果不可能,请打开一个支持请求,询问是否可以修改MFP SDK以接受此类分为2的标题。让我们尝试向问题中添加更多数据。什么样的反向代理?代理正在执行什么样的身份验证?安卓应用程序的名称与示例完全相同,或者您是否进行了修改?应用程序是指向代理还是指向MFP?应用程序在没有代理的情况下工作吗?我不是想让你将所有这些信息放在评论中。我的意思是你应该更新你的问题如果代理允许所有流量,它是否没有进行任何身份验证?还请发布代码更改的代码片段。身份验证代码在质询处理程序代码中,而质询处理程序代码中没有由于反向代理位于应用程序和MFP服务器之间,应用程序因上述原因崩溃,如果没有反向代理,则会抛出“缺少质询处理程序。。。“。仅从角度来看,Datapower Cordova应用程序在相同的配置中工作正常。仅让您知道,代码流没有达到在应用程序中显示登录表单的程度(在任何一种情况下)。我的意思是您的服务器端身份验证?您的代理正在进行什么样的身份验证?此示例使用DataPower LTPA功能设计了基于表单的质询和LTPA。
09-12 01:31:24.732 26815-26923/com.sample.datapowerandroid E/AndroidRuntime: FATAL EXCEPTION: OkHttp Dispatcher
Process: com.sample.datapowerandroid, PID: 26815
java.lang.Error: Multiple values for 'WWW-Authenticate' header were detected
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:1328)
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:365)
at com.worklight.wlclient.api.WLResourceRequest.handleOnSuccess(WLResourceRequest.java:687)
at com.worklight.wlclient.api.WLResourceRequest.access$100(WLResourceRequest.java:65)
at com.worklight.wlclient.api.WLResourceRequest$1.onResponse(WLResourceRequest.java:596)
at com.squareup.okhttp.Call$AsyncCall.execute(Call.java:177)
at com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
09-12 01:31:24.732 26815-26846/com.sample.datapowerandroid E/com.worklight.common.Logger$UncaughtExceptionHandler: Logger$UncaughtExceptionHandler.uncaughtException in Logger.java:444 :: Uncaught Exception
java.lang.Error: Multiple values for 'WWW-Authenticate' header were detected
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:1328)
at com.worklight.wlclient.auth.WLAuthorizationManagerInternal.getAuthorizationScope(WLAuthorizationManagerInternal.java:365)
at com.worklight.wlclient.api.WLResourceRequest.handleOnSuccess(WLResourceRequest.java:687)
at com.worklight.wlclient.api.WLResourceRequest.access$100(WLResourceRequest.java:65)
at com.worklight.wlclient.api.WLResourceRequest$1.onResponse(WLResourceRequest.java:596)
at com.squareup.okhttp.Call$AsyncCall.execute(Call.java:177)
at com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
HTTP/1.1 403 Forbidden
content-length: 0
date: Mon, 12 Sep 2016 04:51:56 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
www-authenticate: Bearer error="insufficient_scope"
www-authenticate: scope="accessRestricted"
x-powered-by: Servlet/3.1