Please let me know
Is worklight is providing any API to encrypt data from client side and same data that can be decrypted from adapter(server) side?
Something like SecurityUtils which going to works on both(server and client)sides.
Worklight does not provide such functionality.
Related
I need to make some of my MFP 8 Adapters available to third-party (non-MobileFirst) clients. Is this possible in production using Confidential Clients? Thanks.
Yes. You can read more about the implementation in the following tutorial
https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/authentication-and-security/confidential-clients/
Clients that do not use the MobileFirst client SDK can also request protected resources, by acting as a confidential client.
I am using DataPower to proxy MobileFirst Applications and AppCenter running on a WAS Liberty Profile.
While we got great results with the Mobile Apps (Hybrid apps), we are facing some strange behaviour with the AppCenter: Basically, anytime that a /j_security_check URI arrives to DataPower, the connection fails.
What we are looking at is that we do not know how to make the Server understand that there is a proxy between it and the client (I mean, like configuring Access Mappings on IIS or SharePoint web portals).
I ran a Fiddler trace and found the following difference in the HTTP Headers
HTTP 'Cookie' Header with DataPower:
Cookie: oracle.uix=0^^GMT-3:00; WASReqURL=http://:9080/appcenterconsole/console.html
HTTP 'Cookie' Header without DataPower:
Cookie: LtpaToken2=pWORZGbPV7BvEsrPzu+fz2mOdBRIByWqee2AMNjw/8k8qJS7i6HMPSnBja46sB3dYwJIy0uEyZ3k0ftQloTGGQUt+Vqu0ZDYJ1a9CDAaLYEeMj/1ZCSMSrctfIqiq6/hoRc1ayX4GkY3gEWpDwwjAEdQKc99r6XJl5VsKKglNm4sQhkbsNFx29mVLF7bp21A3jd+GrxDfS6aEZHau6H5A5Gr5o1ZvyRBQ2aQNtLWw2DZh55GzHUj8q8muBZqPZ36ORN9RXSxemwMtzLqUedJ/K6Tps3WLtqLdCXV9YmQj6V4zCBtQvLjKHoRQ1PYCNzm
I am testing the LTPA token generation in DataPower, but, in the meantime, I would like to know if there is any documentation regarding this use case.
http://www-01.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.installconfig.doc/admin/t_integrating_datapower_was_or_iberty.html
The link you pointed to is documentation that describes an example of how to configure DataPower to do LTPA token generation and proxy authentication to the Worklight Server.
You don't give enough information to tell what is causing your problem on requests that go through DataPower vs. the ones that do not go through DataPower. Typically to debug these kinds of problems you need a debug trace from DataPower, a copy of the DataPower configuration and maybe a packet trace. These things often contain confidential information so if you have an IBM support contract, I would open a PMR with Worklight and submit those items so we can help you with that.
You don't say what your time line is, but there is likely to be a sample configuration and some updated documentation about how to integrate DataPower and Worklight with in the next few weeks.
Is is possible somehow to access the httprequest inside the code of the adater?
The root reason for asking this is a bit tricky...
I need to know the ip of the worklight server to use it later in the app for other uses.
From the app I have not found any API that could help.
Detect Worklight Server Hostname/IP Address from Worklight Client code
In the server it was possible using the WL.Server.configuration["local.IPAddress"] to get the ip but that was static and now there is no "local.IPAddress". Any way this is static.
Using J2SE API is possible to access to the network interfaces but as there can be more than one it is not the best option.
I was thinking about using the httprequest getLocalAddres method that return the ip being invoked.
Thank you
If you're talking about httprequest from client to WL server - yes, it is possible. you have WL.Server.getClientRequest() API
If you're talking about httprequest from WL server to backend - no, this is not possible. Adapter is used to abstract the need for direct usage of HTTP client internals.
Here is my problem: I would like to create an application with IBM Worklight which will call via an adapter a service that requires OAuth (ie: Twitter).
Anyone have some thought for the best method to implement this using IBM Worklight?
For example, use one method to get the token, store the token in the session and then other methods to interact with the service?
Is there some out of the box functionality in IBM Worklight to handle the token acceptance in such case (ie: automatically open a browser to provide the authorization)?
Many thanks
Dominique
You can use the cordova inappbrowser plugin to get the access token and pass the token to the Worklight adapters. I am working on a devworks article now with an example so I will update this response with a link once it's live.
Here's the link to the article that might be helpful to you: http://www.ibm.com/developerworks/library/mo-worklight-linkedin/index.html
Is this possible? I'm about to start into a project which requires a call from an SAP instance to a remotely hosted service using XML over HTTPS. Does anyone have sample ABAP code?
There is a SDN article titled "Real Web Services with REST and ICF". This covers the server side (providing a REST service) only, but maybe this could help you getting started. There's also the (arguably rather concise) documentation on client side ICF development. However, it looks like you'll have to parse the body on your own, using nothing but the XML support SAP provides you with. That's the drawback of REST...
This can be done using cl_http_client.
Check the SAP help documentation for the code.
For making HTTPS calls, you also need to import the certificate of your service provider into the system. This can be done using the transaction "STRUST". This step is compulsory; without it, you`ll get communication errors.