I created my Project Number, API key, registration ID and implemented a http server sucessfullly, but when implement css(xmpp) server, it doesn't work. I use the tutorial for java in http://developer.android.com/google/gcm/ccs.html
the console displays red alert:
INFO: Loading providers for file [classpath:META-INF/extension.providers]
SASL authentication PLAIN failed: text:
at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:342)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:243)
at org.jivesoftware.smack.Connection.login(Connection.java:368)
at server.SmackCcsClient.connect(SmackCcsClient.java:334)
at server.SmackCcsClient.main(SmackCcsClient.java:344)
Apr 16, 2014 3:48:29 PM server.SmackCcsClient$2 connectionClosed
INFO: Connection closed.
line 334 is:
connection.login(username, password);
Does anyone know what is going wrong here? Thanks
I was getting the same Error when I tried to implement XMPP(CCS).So after going through so many site I found that to use up streaming feature of GCM (XMPP) you need to register for this service as a trail partner.
they are saying something like this
After you have created your GCM enabled project in the API Console you must fill out this form and become a trial partner to use upstream messaging and user notifications via CCS. Access is limited to those that fill out the form. You will receive an email from Google informing you that you now have access; Google will also send you the address of an echo server that you can use to bounce messages back to your application.
so visit this site and fill form
Upstream Google Cloud Messaging and User Notifications Sign-up
Update
Now up-streaming using GCM(CCS) is open for all developers !!!
Related
I am using streaming api and cometD in community.
It works fine for authorized users but still doesnt work for Guest user. For example, in anonymous window. And every time i receve Handshake denied w/ error '401::Authentication invalid'.
What's the problem exactly? But if i log in anonymous window to org then it works.
Perhaps you will be using {!$Api.Session_ID} which will return null in the case of Salesforce Guest user.
Because Guest User doesn't have a session id to access salesforce streaming API.
You need to authenticate as a user in order to stream and subscribe to events for cometD.
If you want to stream events for guest users:
you have to spend a platform license by creating a dedicated user for it.
save the creds of a user in custom settings
generate an access token using the creds
use the access token as session-id while subscribing to platform events for guest users.
don't forget to remove the data access except for platform events.
I am working on a chat app using XMPP Protocol.
I tried following
this tutorial from github . Everything is working fine using
XMPP.
But I'm unable to receive offline messages when user comes
online.
As user A is logged out and user B sends messages to user A, and when user A logs into app, it must receive all the messages that
were sent by user B during offline session.
How can I receive these offline messages?
My app is totally stuck on this issue. Please help if anyone
knows the solution. Any help will be appreciated. Thanks
You need to enable mod_offline on server, if you are using ejabberd XMPP Server.
Here is the code needs to enable module:
ignore_pep_from_offline: true
max_user_offline_messages:
admin: 5000
all: 100
mod_offline:
access_max_user_messages: max_user_offline_messages
Write this code in ejabberd.yml config file.
It will store unto 100 messages per user received when client was offline.
At client side, you may have to register for service:
'http://jabber.org/protocol/disco#info'
If you done this, whenever offline client gets online, server will send those stored messages to respective client.
You've to send Request for offline message if server supports. XMPP works on TCP protocol so as soon as client is up, it should send request to server.
<iq type='get'>
<query xmlns='http://jabber.org/protocol/disco#info'
node='http://jabber.org/protocol/offline'/>
</iq>
My problem is as follows :
I have an application protected by a mobile security test involving a LDAP server. The corresponding realm is called LDAPrealm. I use the form-based authenticator + custom LDAP login module.
When the connection to the worklight server is lost and then re-established, I see that the current user is not authenticated in the LDAP realm anymore.
What I want is be able to re authenticate the user without having him enter credentials again.
However, since the user is still authenticated for other realms included by default in the mobile security test, the worklight server does not challenge the client again for credentials, which is causing j_security_check error when trying to submit credentials.
As a side note those credentials are stored in the encrypted json store for offline authentication and use of the app.
So my question is :
Is it possible to force the server to challenge the client again for this LDAPrealm and use submitLoginForm to re-log in?
More generally, is there a way to clear a user+device from all realms before trying to log in again?
Edit reasons : previous error was caused by a typo
In the case where the user first logs in online then loses connection then get connection again, calling
WL.Client.logout("LDAPRealm",{onSuccess:stealthed_relog});
and calling WL.Client.connect() later in stealthed_relog before sending credentials seems to wield the desired behaviour.
However, when the user logs in offline and then gets connection, when I try to use WL.Client.connect(), it says another instance of WL.Client.connect has already been called.
edit : for the log offline case, the application get challenged automatically shortly after that the connected event fires (cause of heartbeat? I do not really know), so you just have to use
login_clientside.submitLoginForm();
to successfully log in again.
If someone has a better way to implement auto-reconnecting in worklight with ldap server, feel free to post it and I'll unaccept my answer.
While debugging, we observe following behavior:
1) When trying to get encryption key from server then error on both (iOS or Android) platform
response [https://xxxx.xxxx.com:443/worklight/apps/services/random]
success: Exception thrown by application class
'com.ibm.ws.webcontainer.session.impl.HttpSessionContextImpl.checkSecurity():685'
SESN0008E: A user authenticated as anonymous has
attempted to access a session owned by user:NewRealm/CN=test
user,OU=Temporary Users,OU=Acc,DC=xxxx,DC=com.
2) When trying to read a stored value error on android is [Logcat]
Android Message: Uncaught 9 at
file:///data/data/com.xxxx.xxxxapp/files/www/default/wlclient/js/encryptedcache.js:63
Where try to call WL.EncryptedCache.read
Worklight version used is 5.0.5 Consumer Edition (with Oracle 11i) on
Windows 2008 R2
WebSphere Liberty profile
Worklight server is sitting behind IBM Datapower XI52. All SSL calls to the server are going via DP.
Authenticator - WebSphereFormBasedAuthenticator & LoginModule - WASLTPAModule
The following is not really an answer, since I'm not familiar with authentication (LTPA, FormBasedAuth, Data Power, etc.)... just a couple of comments that could help you debug/isolate the issue.
Looks like a problem with authentication:
A user authenticated as anonymous has attempted to access a session
owned by user:NewRealm/CN=test user,OU=Temporary
Users,OU=Acc,DC=xxxx,DC=com.
Not with the Encrypted Offline Cache (EOC).
EOC will try to get a random token calling the following function:
WL.EncryptedCache.secureRandom(function (data) {
console.log(data);
});
It should output something like this:
response [/apps/services/random] success: 9053bdcfd902aac3dfb59a9874c9cf55223b7d17
9053bdcfd902aac3dfb59a9874c9cf55223b7d17
You can view the functions source code typing the following in a JS console:
WL.EncryptedCache.secureRandom
If you're using Google Chrome developer tools there's a checkbox for Log XMLHttpRequests when you click on the gear icon > General > Console.
You can also try to request the URL directly. Assuming the host is localhost, port is 10080 and project name is wlproj:
http://localhost:10080/wlproj/apps/services/random
9053bdcfd902aac3dfb59a9874c9cf55223b7d17
You can view HTTP traffic with Wireshark or Charles Proxy.
I imagine this will fix the EOC issue for you, if you don't mind generating the random token locally (less security, AFAIK):
WL.EncryptedCache.secureRandom = function(callback){callback(Math.random()+"")}
For example:
Notice it never goes to the server, everything is done locally.
A user authenticated as anonymous has attempted to access a session owned by user:NewRealm/CN=test user,OU=Temporary Users,OU=Acc,DC=xxxx,DC=com.
This usually means that there is a conflict with the session sent by the user (the session cookie) belongs to a user (in this case), but the LTPA token sent as a cookie was not sent or was not valid. There could be a few causes of this. This best way is to do a trace between datapower and the worklight server to make sure an LTPA token is even being sent to the worklight server. If it is, verify all of the LTPA requirements are met (synchronized time, same private key on both machines).
With the OAuth 2.0 and encrypted access token changes I can't connect to FB chat anymore. The example on FB's chat document shows PHP on the server side, however I need to connect by getting the access_token from the JavaScript sdk.
I took out the sig and session_key parameters from my challenge response, and added the parameter for access_token, setting it to the access_token I get from the JavaScript sdk. I assume the access_token is correct because before Oct 1st it had pipes in it, and now it's encrypted without the pipe symbols. Also looking at my security settings, the xmpp_login permission is being set properly when I initially grant permissions.
No matter what I try my connection attempt fails.
Does anyone have working code where the access token comes from the JavaScript sdk in a browser rather than from the server side?
Got it: Make sure you're also using TLS. In the PHP code example: http://developers.facebook.com/docs/chat/ you'll see how this is handled if you search for $START_TLS