Fatal编程技术网
  • ibm-mobilefirst/
  • Ibm mobilefirst 到达未知质询,无法处理领域WLU设备ProvisioningRealm质询

Ibm mobilefirst 到达未知质询,无法处理领域WLU设备ProvisioningRealm质询

ibm-mobilefirst

Ibm mobilefirst 到达未知质询,无法处理领域WLU设备ProvisioningRealm质询,ibm-mobilefirst,worklight-security,Ibm Mobilefirst,Worklight Security,在企业Worklight服务器中部署Worklight(v6.2.0.01)应用程序后,我面临以下问题。此问题仅在移动web应用程序环境中出现 值得注意的是,同一环境中的同一应用程序在本地开发服务器中运行良好(也基于Worklight 6.2.0.01) 控制台错误: [Error] unknown challenge arrived, cannot process realm wl_deviceNoProvisioningRealm challenge. __log (workligh

在企业Worklight服务器中部署Worklight(v6.2.0.01)应用程序后,我面临以下问题。此问题仅在移动web应用程序环境中出现

值得注意的是,同一环境中的同一应用程序在本地开发服务器中运行良好(也基于Worklight 6.2.0.01)

控制台错误:

[Error] unknown challenge arrived, cannot process realm wl_deviceNoProvisioningRealm challenge.
    __log (worklight.js, line 4879)
    (anonymous function) (worklight.js, line 5237)
    executeChallenge (worklight.js, line 8783)
    checkResponseForChallenges (worklight.js, line 8692)
    onWlFailure (worklight.js, line 3411)
    (anonymous function) (worklight.js, line 950)
    respondToReadyState (worklight.js, line 1172)
    onStateChange (worklight.js, line 1105)
    (anonymous function) (worklight.js, line 950)
屏幕错误:

处理来自的请求时遇到错误 应用程序

authenticationConfig.xml:


/订阅MS*/接收短信*/ussd*


com.worklight.integration.auth.AdapterAuthenticator
com.worklight.core.auth.ext.HeaderAuthenticator
com.worklight.core.auth.ext.NonValidatingLoginModule
com.worklight.core.auth.ext.RejectingLoginModule

您提到您的应用程序用于移动web应用程序环境。在此环境中,应用程序由Worklight服务器提供,并使用操作系统的移动浏览器应用程序(mobile Safari、mobile Chrome等)显示

您收到的错误中提到的
wl\u deviceProvisioningRealm
测试旨在使用,而不是在移动web应用程序中使用

在您的情况下,您正在使用预定义的
mobilesesecuritytest
。此预定义的安全测试用于
wl\U设备配置GREALM

虽然我不清楚您为什么会以您描述的方式出现这种错误,但我认为您应该做的是:

  • 请改用预定义的
    webSecurityTest
    ,因为它不包括
    wl\u deviceProvisioninggrealm
    ,并且适合web环境,例如应用程序的环境

  • 或者创建自定义安全测试

    如果选择创建自定义安全测试,例如“myMobileWebAppEnv”,请确保它不包含
    wl\u设备配置GREALM
    测试。然后,在application-descriptor.xml中,您需要将其专门应用于mobile web app环境元素

阅读有关安全测试的更多信息,请点击此处:

该问题与IBM有关,在提出PMR后,他们为我们提供了Eclipse更新,其中包含修复程序和额外的32个修复程序。

请将authenticationConfig.xml文件的内容添加到您的问题中。我添加了xml内容,谢谢。请看下面我的答案。 
    <!-- Licensed Materials - Property of IBM
         5725-I43 (C) Copyright IBM Corp. 2006, 2013. All Rights Reserved.
         US Government Users Restricted Rights - Use, duplication or
         disclosure restricted by GSA ADP Schedule Contract with IBM Corp. -->  

 <staticResources>
    <resource id="subscribeServlet" securityTest="SubscribeServlet">
        <urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
    </resource>

</staticResources> 

 <securityTests>
    <mobileSecurityTest name="SampleApp">
        <testDeviceId provisioningType="none" />
        <testUser realm="SampleAppRealm" />
        <testDirectUpdate mode="perSession" />
    </mobileSecurityTest>

    <customSecurityTest name="SubscribeServlet">
        <test realm="SubscribeServlet" isInternalUserID="true"/>
    </customSecurityTest>           

</securityTests> 

<realms>
    <realm loginModule="SampleAppLoginModule" name="SampleAppRealm">
        <className>com.worklight.integration.auth.AdapterAuthenticator</className>
        <parameter name="login-function" value="AuthenticationAdapter.onAuthRequired" />
        <parameter name="logout-function" value="AuthenticationAdapter.onLogout" />
    </realm>

    <!-- <realm name="SampleAppRealm" loginModule="StrongDummy">
        <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
    </realm> -->

    <realm name="SubscribeServlet" loginModule="rejectAll">
        <className>com.worklight.core.auth.ext.HeaderAuthenticator</className>          
    </realm>

    <!-- For client logger -->
    <!-- <realm name="LogUploadServlet" loginModule="StrongDummy">
        <className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
    </realm -->

    <!-- For websphere -->
    <!-- realm name="WASLTPARealm" loginModule="WASLTPAModule">
        <className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className>
        <parameter name="login-page" value="/login.html"/>
        <parameter name="error-page" value="/loginError.html"/>
    </realm -->

    <!-- For User Certificate Authentication -->
    <!-- realm name="wl_userCertificateAuthRealm" loginModule="WLUserCertificateLoginModule">
        <className>com.worklight.core.auth.ext.UserCertificateAuthenticator</className>
        <parameter name="dependent-user-auth-realm" value="WASLTPARealm" />
        <parameter name="pki-bridge-class" value="com.worklight.core.auth.ext.UserCertificateEmbeddedPKI" />
        <parameter name="embedded-pki-bridge-ca-p12-file-path" value="/opt/ssl_ca/ca.p12"/> 
        <parameter name="embedded-pki-bridge-ca-p12-password" value="capassword" />
    </realm -->

    <!-- For Trusteer Fraud Detection -->
    <!-- Requires acquiring Trusteer SDK --> 
    <!-- realm name="wl_basicTrusteerFraudDetectionRealm" loginModule="trusteerFraudDetectionLogin">
        <className>com.worklight.core.auth.ext.TrusteerAuthenticator</className>
        <parameter name="rooted-device" value="block"/>
        <parameter name="device-with-malware" value="block"/>
        <parameter name="rooted-hiders" value="block"/>
        <parameter name="unsecured-wifi" value="alert"/>
        <parameter name="outdated-configuration" value="alert"/>
    </realm -->

</realms>

<loginModules>
    <loginModule name="SampleAppModule">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule>

    <!-- <loginModule name="StrongDummy">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule>

    <loginModule name="requireLogin">
        <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
    </loginModule> -->

    <loginModule name="rejectAll">
        <className>com.worklight.core.auth.ext.RejectingLoginModule</className>
    </loginModule>

    <!-- Required for Trusteer - wl_basicTrusteerFraudDetectionRealm -->        
    <!-- loginModule name="trusteerFraudDetectionLogin">
        <className>com.worklight.core.auth.ext.TrusteerLoginModule</className>
    </loginModule-->

    <!-- For websphere -->
    <!-- loginModule name="WASLTPAModule">
        <className>com.worklight.core.auth.ext.WebSphereLoginModule</className>
    </loginModule -->

    <!-- Login module for User Certificate Authentication -->
    <!-- <loginModule name="WLUserCertificateLoginModule">
        <className>com.worklight.core.auth.ext.UserCertificateLoginModule</className>
    </loginModule> -->


    <!-- For enabling SSO with no-provisioning device authentication -->
    <!-- <loginModule name="MySSO" ssoDeviceLoginModule="WLDeviceNoProvisioningLoginModule">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule> -->


    <!-- For enabling SSO with auto-provisioning device authentication -->
    <!-- <loginModule name="MySSO" ssoDeviceLoginModule="WLDeviceAutoProvisioningLoginModule">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule> -->
</loginModules>