Worklight 6.2 iOS binary issue with MobileFirst 7.1 - ibm-mobilefirst

I have MFP Server version: 7.1.0.00.20160401-2103
I'm trying to accomplish the following:
MyApp runtime (WAR file) is built using MFP 7.1
My WLAPP's, Adapters and device binaries are built using WL 6.2
Where I need to run 6.2 app inside MFP 7.1 container to mimic my production environment as I can't have two stand alone live server in PROD, one for WL 6.2 and the other for MFP7.1.
My concern is the following for iOS (9+):
The iOS app that is live is built with ATS not configured and bit code disabled using xCode (Version 6.3.1).
What is the configuration on MFP 7.1 that needs to be done to allow the connection from my live application.
WAS security level:
My IHS which is in front of my MFP server has the SSLCipherSpec as:
When I compile the xCode project I'm getting :
[https://IP:PORT/MobileBanking/apps/services/api/MobileBanking/iphone/query] Host is not responsive.
How can I make my 6.2 app works on MFP 7.1.?
Is there a missing configuration I need to add/remove?
I can't make any changes on App level as it is already in PROD. Also I can't migrate the 6.2 app yet as we have timeline/outage issues that we can't meet.

Please see this blog post: https://mobilefirstplatform.ibmcloud.com/blog/2015/09/07/preparing-ibm-mobilefirst-platform-server-app-transport-security-ios-9/
7.1 can run wlapp files that were built by 6.2, but those apps (assuming your server is not configured with session independence), but those apps will not benefit of any 7.1 features because you did not re-build them with 7.1 Studio...
Additionally you must have the server configured with TLS 1.2 support and the client application must be configured with TLS. So yes, you must re-build the app even with 6.2 Studio and re-submit to the App Store.

Related

Configure Data Power MFP 8.0

I'm trying to configure a Data Power on Mobile First Platform 8.0 installed in a WAS ND 8.5.x. with a cluster with 2 servers.
As I did on Mobile First Platform 7.1, I would like to change the access port with the property 'publicWorkLightPort' but this property has changed in MFP 8.0 and I don't know how is it called now or how is supposed to be in MFP 8.0
That property as well as the file that contains it (worklight.properties) is no longer used in MobileFirst Foundation 8.0. The port used by MobileFirst Server is defined in the application server's server.xml file.

XML Validation Error Mobilefirst App Authenticity

I have a server which has been upgraded from IBM Worklight 6.0 to IBM Mobilefirst 6.3
The server is currently running older versions of my mobile application, which do not have AppAuthenticity enabled.
When I uploaded the newer version of Application, AppAuthenticity option became enabled ONLY for one (windows) environment, while others stayed disabled.
After a restart, Windows Environment version became like others, while iPAD environment started giving option to change the AppAuthenticity.
I listed the application through WLADM CLI, and it gave me below error:
XML validation error, reading from
https://URL/wladmin/management-apis/1.0/runtimes/worklight/applications/MYAPPS?locale=en_US:
cvc-complex-type.4: Attribute 'downloadLink' must appear on element
'applicationEnvironmentDataAccess'.
Please note, the application if ran alone on other server is working fine with same Application-descriptor and WAR file, only when Old and new versions are uploaded on same server, this problem comes.
Are you saying your server has a single .war file with 2 apps on it, one from 6.0 and one from 6.3?
There are very different Application Authenticity Protection implementations in 6.0 and 6.3. These cannot co-exist in the same single .war file.
You need to deploy to your application server 2 .war files - one for handling the 6.0 app and another for handling the 6.3 app.
Relevant user documentation can be read here: http://www-01.ibm.com/support/knowledgecenter/SSHS8R_6.3.0/com.ibm.worklight.upgrade.doc/devenv/c_upgrade_to_srvr_in_production_env.html
As Idan said, the 6.0 and 6.3 app can not be handled together, since I only wanted to enable the App Authenticity in the newer version, what I did as a workaround was to connect via WLADM tool and disable the App Authenticity for Older Versions via command line.
Below are the commands one needs to use:
\Worklight\shortcuts>wladm --url=https://server.url/wladmin --user=admin --passwordfile=password.properties
to verify the application's current Authenticity :
app version %CONTEXT% %APP_NAME% %Environment_Name% %versionCode% get authenticitycheckrule
To Disable
app version %CONTEXT% %APP_NAME% %Environment_Name% %versionCode% set authenticitycheckrule DISABLED

Can I install the Worklight mobile browser simulator on Worklight Server?

When i preview an Android App on Worklight server it still previews as a "common" resource.
Whereas if i do the same on my local machine from eclipse it opens in a Mobile Browser simulator.
What is the way to install the mobile browser simulator on the server as well. My Worklight server is running on a Linux machine with WAS stand alone and DB2.
The MBS is part of the Worklight Development Server (Worklight Studio plug-in for Eclipse) and is meant for development-time only.
The MBS is NOT available in a production environment.
By the time you deploy your .wlapp to your production Worklight Server, you should have already tested your app in the MBS, emulators and actual devices, again, prior to deployment.
The Worklight Console (where the MBS is available at during development) in a production environment is meant less for testing your app and more to managing it - push notifications, remote disable/notify, authenticity check enablement, analytics, etc.

Where in my application do I define the worklightServerRootURL element for my Worklight 6.1 Server running on PureApplication System?

I migrated my application from Worklight 5.0.6 to 6.1. I tested the application in Worklight Studio 6.1 in the local Liberty Test server and Mobile Browser Simulator and the application works fine. I have now deployed my Worklight Server 6.1 on PureApplication System using Mobile Application Platform Pattern 6.1.
In Worklight 6.1 the worklightServerRootURL element that existed in application-descriptor.xml has been removed. In Worklight 5.0.6 I defined the IP address of my Worklight Server running on PureApplication System in the worklightServerRootURL element. With this element removed in 6.1 where do I define the IP address of my worklight server runing on PureApplication System in my application so my application can talk to the Worklight server on PureApplication System ?
Run As -> Build Settings and Deploy Target; Then add a new server other than the localhost.
http://pic.dhe.ibm.com/infocenter/wrklight/v6r1m0/index.jsp?topic=%2Fcom.ibm.worklight.dev.doc%2Fdev%2Fc_building_and_deploying_build_settings_deploy_target.html

Worklight Studio 6 - device provisioning and app authenticity

I am running Worklight Studio 6 from Worklight Enterprise Edition download with Eclipse Juno.
My application is using form security with the WASLTPA login module. The application tests correctly.
When I add AppAuthenticity (needed for device provisioning) my client sees the following error in the console. (None in the server log)
Failed to load resource: the server responded with a status of 401 (Unauthorized)
drilling deeper I see:
/*-secure-
{"challenges":{"wl_authenticityRealm":{"WL-Challenge-Data":"o97e2ph8kguqh1vpljbio1o5k3+23.507-9.852-31.807 "}}}*/
I am running this on the Worklight Development Server packaged with Worklight Studio.
You have mentioned both the Enterprise Edition and Developer Edition.
Please clarify your question with the following: You have installed Worklight using the IBM Installation Manager, yes?
You have an application server (Tomcat/WebSphere/Liberty) installed and you've used the supplied Ant scripts to create the Worklight database(s), configure them, deploy the Worklight platform files to the application server, as well as deploy your project's .war file? (and of course the .wlapp /.adapter file(s)...).
If you have done the above, then you will have in your Worklight Server, now installed on the application server, the required components for App Authenticity to work.
Then there is the case of how you actually configured your project for App Authenticity.
Make sure you follow these steps to set up App Authenticity