I'm trying to make a simple example of a connection to a WS (JAX-RS), when I call from the browser, I should return a string but I get the following error message:
missing_authorization, this is the URL to access the resource (REST):
http://localhost:10080/PruebaWSProject/adapters/MyAdapter/users/pramirez
When I test it directly from MobileFirst Studio using "Call MobileFirst Adapter", it works perfectly.
It seems to be a problem with HTTP authentication, apparently I have to set something in the XML file server: authenticationConfig.xml, but I do not know what I have to put and I read the following in a web:
Disabling the authentication requirement for a specific procedure.
You can do so by adding the securityTest="wl_unprotected" property to the element in the adapter XML file.
I do not know how to turn off the security to call the resource to obtain the chain. The name of the classes generated by the Java adapter are: MyAdapterResource and MyAdapterApplication.
Java Adapters are protected by default.
When you use "Call MobileFirst Adapter", a test token is automatically added to help you preview.
If you want to test your adapter outside of the wizard, you have 2 main options:
Disable security by adding #OAuthSecurity(enabled=false) before your procedure code (in MyAdapterResource). Keep in mind that your procedure will no longer be protected. See Protecting Adapters.
Generate a test token manually. You can request a test token which you will add to your HTTP headers. See In Postman
The instructions you saw regarding securityTest="wl_unprotected" are for JavaScript adapters, not Java.
Related
Whenever I try to add the following endpoint, "http://ws.cdyne.com/phoneverify/phoneverify.asmx", during the Managed API setup process and press the Test button I get an error on the server. ERROR - APIProviderHostObject Error occurred while connecting to backend : "stackOverflow preventing me from showing this link", reason: Connect to ws.cdyne.com:80 timed out
When I try this exact same process on a machine outside of our proxy it works fine. I have gone into the axis2.xml file and added proxy information and even went as far as installing cntlm and setting the proxy to localhost - same error.
I can browse to the above link just fine on this machine.
My environment is Windows 10.
I assume you talk about clicking the Test button when providing Backend Endpoint in API publisher.
The way that Test button works at the moment (as far as I understand) is that it invokes HTTP HEAD method on the endpoint provided (because according to RFC 2616, "This method is often used for testing hypertext links for validity, accessibility, and recent modification.")
Then it checks response. If response is valid or 405 (method not allowed), then the URL is marked as Valid.
Thus sometimes, if backend is not properly following RFC, you might get otherwise working URLs declared as Invalid during the test because of that improper HEAD response evaluation. Obviously, this is just a check for your convenience and you can ignore the check if you know the endpoint works for the methods and resources you need it to work.
So my advice would be to try ignoring the Test and just finishing setting up and publishing the API.
P.S. I am checking it on WSO2 API Cloud but behavior is identical to downloadable API Manager.
Im working in a hybrid mobilefirst 6.3 app, and i want to access to an adapter previous to my login, is there a way that i can do that? because every time that i want to access my adapter the handleChallenge method occurs.
application-descriptor.xml:
<android version="1.0" securityTest="NevadaApplication-strong-mobile-securityTest">
my adapter config xml:
<procedure name="getPhoneNumber" securityTest="wl_unprotected"/>
Because you have set a security test also on the application level, meaning on the environment in application-descriptor.xml, you will get hit with a challenge handler despite having the adapter procedure set with a security test set as wl_unprotected.
To achieve what you're looking for you will need to add security tests to your adapter procedures (with the one you want unprotected as wl_protected), and leave the environment without a security test assigned to it in application-descriptor.xml.
Read more on security tests here: https://www.ibm.com/developerworks/community/blogs/worklight/entry/understanding_predefined_worklight_authentication_realms_and_security_tests11?lang=en
Read more on the different authentication options here: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-6-3/authentication-security/authentication-concepts/
I am trying to develope a simple hybrid app using an adapter based authentification.
All the examples I have found explain how to do it assuming that firstly we call a secured procedure to fire the authentication process.
I've been trying to develope a login calling directly to a "login adapter" to perform the authentication. I've tried using the "submitAdapterAuthentication" but the challenge handler is creating a infinite loop.
I did manage to make a login invoking the "login adapter" as a common procedure("WL.Client.invokeProcedure(...)"), but then I was not able to subscribe to a event source and I need PUSH notification functionality. I got always the next error:
Can't subscribe, notification token is not updated on the server
Is it posible to authenticate against Worklight Server calling directly to a "login adapter" using Adapter Based Authentificaton? How?
I think the approach of a direct login call makes sense but I haven't found any official solution to it.
If you want to invoke authentication process explicitly, you can use WL.Client.login(realm, options) API provided by Worklight.
http://pic.dhe.ibm.com/infocenter/wrklight/v6r0m0/index.jsp?topic=%2Fcom.ibm.worklight.help.doc%2Fapiref%2Fr_wl_client_login.html
Another option is to add a security test at the application level inside of application-descriptor.xml for each environment.
This will cause the app to ask for authentication immediately.
<iphone securityTest="nameOfMobileTest" bundleId="com.myApp" version="1.0>
....
</iphone>
<android securityTest="nameOfMobileTest" version="1.0">
....
</android>
I have a question about the connectAs="endUser" option, found in the adapter XML file.
In the design mode I can read
- endUser: The connection to the back end will be created with the user's identity, as authenticated by the authentication realm
So my question is: Does it have sense to use the option connectAs="endUser" without being authenticated and without defining a security test?
I am having this question, because I used to put the connectAs="endUser" in the authentication procedure
<procedure name="authenticate" connectAs="endUser"/>
Is that wrong?
So as you can see in the documentation using connectAs="endUser" is "Only valid if a user realm has been identified in the security tests for this procedure."
Here are some resources you may want to look into:
procedure element of the adapter XML file
http://pic.dhe.ibm.com/infocenter/wrklight/v6r1m0/index.jsp?topic=%2Fcom.ibm.worklight.dev.doc%2Fdevref%2Fr__procedure_.html&resultof%3D%2522%2563%256f%256e%256e%2565%2563%2574%2561%2573%2522%2520%2522%2563%256f%256e%256e%2565%2563%2574%2561%2522%2520
The authentication element of the HTTP adapter
http://pic.dhe.ibm.com/infocenter/wrklight/v6r1m0/index.jsp?topic=%2Fcom.ibm.worklight.dev.doc%2Fdevref%2Fr_the__authentication__element_o.html&resultof%3D%2522%2563%256f%256e%256e%2565%2563%2574%2561%2573%2522%2520%2522%2563%256f%256e%256e%2565%2563%2574%2561%2522%2520
Can you please provide your scenario to how you would like to use this setting in greater detail
Hi i am new to worklight. When i am trying to invoke the adapter using the client side call. There is a parameter in the invoke procedure api call.The parameter is useSendInvoke .What does that mean?
See this question about useSendInvoke: Use of third parameter in the WL.Client.InvokeProcedure
To quote Anton:
This parameter is used internally by WL authentication framework.
Technically there should not be a reason for developer to use it.
There are several ways to invoke adapters.
(1) First one is via client application. This is where you use
WL.Client.invokeProcedure(invocationData, options) API.
(2) Second is by using adapter invocation service -
http://pic.dhe.ibm.com/infocenter/wrklight/v6r0m0/index.jsp?topic=%2Fcom.ibm.worklight.help.doc%2Fdevref%2Fc_adapter_invocation_service.html.
Basically issuing an http request to WL server and getting a response
from adapter. RPC style.
When you're doing it via (1) - you have two authentication layers -
first is security test defined for application, second is security
test defined for adapter procedure.
When you're doing it via (2) - there is only one security layer -
security test defined for adapter procedure.
UseSendInvoke param (which is, once again, for internal usage) means
that your application will go via path (2) instead of regular path
(1).