Ibm mobilefirst 会话在超时后变为无效_Ibm Mobilefirst_Mobilefirst Adapters

Ibm mobilefirst 会话在超时后变为无效

ibm-mobilefirst

Ibm mobilefirst 会话在超时后变为无效,ibm-mobilefirst,mobilefirst-adapters,Ibm Mobilefirst,Mobilefirst Adapters,我有一个使用适配器身份验证的MobileFirst Platform 6.3应用程序。用户必须能够在一个会话中多次登录和注销，切换凭据，即以userA身份登录、注销、以userB身份登录、注销等。。只要会话保持活动状态，所有这些都可以正常工作如果我把我的应用程序放在后台20-30分钟，我会在服务器日志中看到我的注销函数onLogout被调用。我假设这是在会话超时时由框架调用的。我的onLogout调用WL.Server.setActiveUserRealmName，null，因此这应该会使会话

我有一个使用适配器身份验证的MobileFirst Platform 6.3应用程序。用户必须能够在一个会话中多次登录和注销，切换凭据，即以userA身份登录、注销、以userB身份登录、注销等。。只要会话保持活动状态，所有这些都可以正常工作

如果我把我的应用程序放在后台20-30分钟，我会在服务器日志中看到我的注销函数onLogout被调用。我假设这是在会话超时时由框架调用的。我的onLogout调用WL.Server.setActiveUserRealmName，null，因此这应该会使会话无效，它似乎确实会这样做

当用户将应用程序带回前台并尝试调用受保护的过程时，问题就出现了。我从服务器日志中看到，框架调用了我的登录函数onAuthRequired。消息参数未定义。headers参数包含如下内容

{"Cookie":["WL_PERSISTENT_COOKIE=5a39bf15-b217-40c2-97eb-c6622213e799; JSESSIONID=00003dozYVeiAYXJYzoQf_oG6BI:5702d236-4455-4e22-bf0c-132459018524"],"Host":["192.168.1.64:10080"],"WL-Instance-Id":["4rjpubf76afnvs9l61gtkf197t"],"X-Requested-With":["XMLHttpRequest"],"Content-Length":["198"],"x-wl-clientlog-deviceId":["DE67FB50-5ABD-4418-A39D-69058144454F"],"x-wl-clientlog-model":["iPad5,4"],"User-Agent":["Mozilla/5.0 (iPad; CPU OS 8_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Mobile/12D508/Worklight/6.3.0.0 (358300384)"],"x-wl-clientlog-osversion":["8.2"],"x-wl-clientlog-appname":["Greenwell"],"Connection":["keep-alive"],"x-wl-device-id":["B405CAA3-4EE6-4581-9004-5AA8AA950E0A"],"x-wl-clientlog-appversion":["1.2.1"],"x-wl-app-version":["1.2.1"],"Accept-Language":["en-US"],"x-wl-analytics-tracking-id":["5A9D03E9-42FA-41E7-9FFD-69C4EE89EF95"],"Authorization":["{\"wl_deviceNoProvisioningRealm\":{\"ID\":{\"token\":\"q0dhk0eutb0gi53ak2mltrlbkv\",\"app\":{\"id\":\"GreenwellBanking\",\"version\":\"1.2.1\"},\"device\":{\"id\":\"B405CAA3-4EE6-4581-9004-5AA8AA950E0A\",\"os\":\"8.2\",\"model\":\"iPad5,4\",\"environment\":\"ipad\"},\"custom\":{}}}}"],"Accept-Encoding":["gzip, deflate"],"x-wl-app-details":["{\"applicationDetails\":{\"platformVersion\":\"6.3.0.0\",\"nativeVersion\":\"1889110191\",\"skinName\":\"default\",\"skinChecksum\":2615010882,\"skinLoaderChecksum\":\"(null)\"}}"],"Content-Type":["application/x-www-form-urlencoded; charset=UTF-8"],"Accept":["text/javascript, text/html, application/xml, text/xml, */*"],"x-wl-clientlog-env":["ipad"]}.

WL.Client.InvokeProcess调用的成功处理程序和失败处理程序均未被调用。日志中似乎有一个响应显示authRequired:true

2015-03-25 10:44:16.937 Greenwell[649:305965] [DEBUG] [NONE] fetching offers
2015-03-25 10:44:16.964 Greenwell[649:305965] [DEBUG] [NONE] Request [/apps/services/api/GreenwellBanking/ipad/query]
2015-03-25 10:44:16.967 Greenwell[649:305968] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] +[WLAFHTTPClientWrapper requestWithURL:] in WLAFHTTPClientWrapper.m:37 :: Request url is http://192.168.1.64:10080/GreenwellBanking/apps/services/api/GreenwellBanking/ipad/query
2015-03-25 10:44:16.977 Greenwell[649:305968] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] -[WLAFHTTPClientWrapper start] in WLAFHTTPClientWrapper.m:182 :: Starting the request with URL http://192.168.1.64:10080/GreenwellBanking/apps/services/api/GreenwellBanking/ipad/query
2015-03-25 10:44:17.116 Greenwell[649:286631] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] -[WLAFHTTPClientWrapper requestFinished:] in WLAFHTTPClientWrapper.m:195 :: Request Success
2015-03-25 10:44:17.119 Greenwell[649:286631] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] -[WLAFHTTPClientWrapper requestFinished:] in WLAFHTTPClientWrapper.m:196 :: Response Status Code : 200
2015-03-25 10:44:17.122 Greenwell[649:286631] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] -[WLAFHTTPClientWrapper requestFinished:] in WLAFHTTPClientWrapper.m:197 :: Response Content : /*-secure-
{"errorMessage":null,"isSuccessful":true,"authRequired":true}*/

挑战者

问题:

如果当应用程序调用WL.Client.invokeProcedure时，服务器上的框架调用了onAuthRequired，为什么我没有看到向应用程序发出质询？如果我这样做了，我可以提示用户再次登录。我是否误解了应该如何处理超时？看起来我在onLogout中正确地使会话无效，但是如何在没有挑战的情况下提示用户重新验证？

您很可能正在使用适配器身份验证，而忘记在质询处理程序中使用SubmitAccess。您能否提供有关身份验证配置的更多详细信息并粘贴质询处理程序代码？

您是正确的。我正在使用适配器身份验证，我的handleChallenge不使用SubmitAccess。实际上，我对它进行了注释，因为我发现SubmitAccess导致我的submitAuthentication被调用了两次，导致错误无法更改已登录用户的身份。我编辑了这个问题，将我的challengeHandler添加回submitSuccess，但我刚刚确认它重新引入了提交身份验证两次的问题。可能是我在移除它时试图修复另一个问题导致了一个问题。

var challengeHandler = WL.Client.createChallengeHandler("CaasAuthRealm");

challengeHandler.isCustomResponse = function(response) {
    if (!response || !response.responseJSON || response.responseText === null) {
        return false;
    }
   if (typeof(response.responseJSON.authRequired) !== 'undefined'){
       return true;
   } else {
       return false;
   }
}

challengeHandler.handleChallenge = function (response) {
    var authRequired = response.responseJSON.authRequired;

    console.log("Handling Challenge - authRequired = " + authRequired);

    if (authRequired) {
        challengeHandler.submitFailure("Bad credentials");

        $.mobile.changePage("login.html", {transition: "slide"});

    } else {

        challengeHandler.submitSuccess();

        if (Model.getInstance().username == "wcmaas-anonymous") {
            $.mobile.changePage( "landing.html", { transition: "flip", reverse: true } );
        } else {
            $.mobile.changePage( "home.html", { transition: "flip" } );
        }

    }
}