I am working on migrating a IBM MobileFirst 6.3 project to version 7.1 and enabling the 7.1 session independent mode. I have specified the attribute store as the worklight default runtime database.
In the previous version I have used HTTPSession object in HTTP JavaScript adapters to dynamically store some minimal data related to the current user session as shown in the sample code below.
var request = WL.Server.getClientRequest();
var session = request.getSession();
session.setAttribute("ID", "123");
session.setAttribute("UserName", "xxx");
As I cannot use session object anymore, are there any WL.Server APIs available for explicitly store/retrieve/remove data from the default attribute store (WL run-time database)? Couldn't find any examples on this. Please advise. Thanks.
Knowledge center documents this scenario and solution for 7.1 Session Independent mode here
https://www.ibm.com/support/knowledgecenter/en/SSHS8R_7.1.0/com.ibm.worklight.dev.doc/devref/c_java_server_side_api.html#java_server_side_api__java_rest
Saving applicative state between requests in Java RESTful adapters
In versions earlier than V7.1.0, developers were able to store the applicative state in the HTTP session, by using the session object, namely request.getSession() (see WL.Server).
If you are working in session-independent mode that became available starting with IBM MobileFirst Platform Foundation V7.1.0, the applicative state of the adapter must be persisted outside the session, for example, by using a database such as Cloudant®
Sample also is attached in the link above.
Related
i upgraded my spring boot application to master pom 2.4 version and using cloud configs with the property enabled spring.cloud.bootstrap.enabled = true, I have db password encrypted in cloud properties so by the time i use the db properties i don't have my encryption framework available, so eventually my application failing with invalid username and password .."i have my own encryption service "
i am looking to see load the cloud config properties after i have my encryption service available, but the spring.cloud.bootstrap.enabled makes it load first on application startup, before i upgrade to master pom, i was not using spring.cloud.bootstrap.enabled so i didn't had any issue, with adding the property the order of loading changed, so i am running into an issue. Any help will be greatly appreciated. Thanks
so by the time i use the db properties i don't have my encryption
framework available
Use #DependsOn annotation in the bean that uses the db properties to depend on the encryption framework.
This question relates to how to propagate a data factory through CI (in VSTS) if there is a self hosted Integration Runtime defined in the Data Factory.
I have a 3 environments set up - Dev / UAT / Prod each with their own data factory.
The Dev hosts the master collaboration branch. I am using VSTS to retrieve the artifacts from the adf_publish branch and deploying the template to UAT (prod will be done later). I followed much of what is in this guide here.
When deploying to blank UAT with a self-hosted integration runtime (IR), the IR that is deployed in UAT is a copy of the shared IR from dev (not a linked type) and this causes an error since the credentials used by the IR will not be correct. I expect this since we are really just deploying an exact copy of the Resource Group template with just the factory name overridden however the IR will not work without it being re-credentialled with the self hosted IR VMs.
If I pre-register a linked IR with the UAT environment (linked to the dev IRs), then the deployment fails with a conflict because an IR in the resource group template is the same name as the one I just created in UAT. If it is a different name - no conflict but the linked services will be pointing to the template IR and not the one I created for UAT
The docs have a note that says the IR runtime should be the same across all the platforms but I do not think this can be true - one of them (presumably the source/dev) must be a shared type and the others linked and authorized.
One option I could see (untested) is to have each environments IR reference be a separate connection to an actual IR but then there then needs to be some way of overriding the linked services to point to the current environments IR reference (by template parameter override?). In this scenario, we need to block the templates IR from being deployed as it won't be needed and won't work.
Has anyone had success in getting CI working in this situation? My sense is the doc was written with the globally shared IR. Either that or I need to better understand the aim of Auto Integration setting in the linked services definition.
Many thanks.
Mark.
Update
I think there are a couple of bugs in the service so not expecting an answer. I'll post updates here if I see resolution from the bug report I have posted here for the dev group.
In a nutshell, this only affects you if
you have a self hosted integration runtime (IR), and
you are trying to deploy a template to a new data factory from an existing data factory (as you would in Dev->UAT->Prod)
you have a datalake (ADL) linked service defined and using the self hosted IR.
If you have a self hosted IR in the template, the newly deployed copy will not be registered with any server (either linked or unique to the new ADF) as the template only records an IR, it does not instantiate one.
While this can be fixed in post deployment config or scripting, what it can't fix is the dependency in ADL. This is because the ADL linked service wants to encrypt the service principal with the IR....but the IR does not exist at the time of template deployment (i.e. is not configured on a server and not active).
It is no better if you select Managed service identity as the auth on the ADL linked service instead of service principal, then the template fails to deploy because there are no credentials to encrypt and it looks like the resource is expecting to encrypt something.
The work around right now is to use Azure hosted IR for datalake connections. Unfortunately for us this causes a security problem because shared IRs cannot be whitelisted in our ADL Gen 1.
I'll keep you posted.
I'm doing a demo in MF Studio 7.1, but I can not make the direct update work in the studio, I have test on at leat 3 workstations. Anyone knows why?
Please see the Direct Update tutorial, and specifically the following section: https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/advanced-client-side-development/using-direct-update-to-quickly-update-your-application/#underTheHood
Because MobileFirst Platform Foundation Server 7.1 is session-independent, this affects Direct Update as well.
The setting of when to check for a Direct Update is now based on tokens; the check for an update will be made only once the token expires.
You can adjust it in the following ways:
Remove the wl_DirectUpdate realm from the used security test in authenticationConfig.xml and instead explicitly call the WL.Client.checkForDirectUpdate API to check for an update
Change the wl.realm.expiration.directUpdate value in the your-project\server\conf\worklight.properties file to a lower value.
Note for production environments: The lower the value, the more network traffic will incur. The value should be configured with care.
I have created an application using IBM worklight and i am using customAuthenticator for login process
I am getting following validation error while deploying application
Security test DummyAdapter-securityTest must include user and device
realms for AuthDemo:iphone:1.0:api. [project
module_23_1_CustomLoginModule]
You need to re-read the entire Getting Started section about Authentication and Security. There is more reading material here and here.
From the error I am thinking you have added a securityTest="DummyAdapter-securityTest" attribute to your iphone element in application-descriptor.xml.
As noted by the name of the securityTest, it is not meant for the application but for the adapter. This securityTest is already defined for the adapter procedure in the adapter XML file. Remove the securityTest you've added and it will work.
The sample you are trying to run (module_23_1_CustomLoginModule) is ready-made; no need for editing. You need only to build & deploy and run it.
I'm looking for examples to control Worklight appclications via REST API for automation. What I need is a method to disable and enable specific application from command line.
I've found "HTTP Interface of the production server" on the IBM Worklight Information Center, but it doesn't work.
For exapmle, I sent a GET request to:
<WorklightServerURL>/worklight/console/api/getApplications
In return I got:
Error 404: Could not find resource for relative : /getApplications of
full path:
/worklight/console/api/getApplications".
Looking into the Worklight Console interactions using Chrome developer tool, disabling application request generates:
<WorklightServerURL>/worklight/console/api/applications/setAccessRule/17
Which is not consistent with the IBM Worklight Information Center...
This looks to be a documentation defect, where (in this specific case):
http://myhost:port/console/api/{Action}
Should be
http://myhost:port/console/api/applications/{Action}
For example:
http://myworklightserver:8080/console/api/applications/all
http://myworklightserver:8080/console/api/applications/get/testapp
I have opened a documentation defect to update the Console API Requests section. Thanks.
As for setAccessRule,
The API request structure is: http://myworklightserver:8080/console/api/applications/setAccessRule
The parameters are:
gadgetAppId (Required. You can find this in the database)
action (Required. delete | notify | block)
message (Required)
downloadLink (Optional)
Note that you are linking to the Worklight 5.0.5 Information Center; the fixes will appear in the Worklight 5.0.6 and 6.0 Information Center pages.
In Worklight 6.0 the port has changed to "10080", and a context root section exists before "/console".
http://myworklightserver:10080/mycontext/console/api/applications/all