Worklight Developer Edition Studio 5.0.5.1 (5.0.5.20130115-0926)
Worklight Consumer Edition Version 5.0.5.1
First question
Are application developed with WL Developer Edition compatible with WL Consumer Edition Server.
Second Question:
I am using the Module 21 Formbased authentication and modified the realm in the authentication handler and added the customer security test that references the LTPA realm to the authentication config xml (file in installedApp folder).
I am getting no method to handleFailure when we access the method that requires security in the application.
03-01 18:53:32.870: E/Web Console(870): Uncaught TypeError: Object # has no method 'handleFailure' at file:///data/data/com.FormBasedAuthentication/files/www/default/wlclient/js/worklight.js:1482
Yes, applications developed with Developer Edition are compatible with Consumer Edition.
Related
I am developing a hybrid app in Worklight 6.2. I have a WorkLight Server installed Red Hat Linux 6 base as remote server.
I have give the servers ip address, port number and context root as"/worklight" in the "build settings and deploy target".
Then i added my adapter file and wlapp file into the remote servers "app" folder. I haven't made any changes in the server.xml file.
Now when i call the procedure from my app i am getting "[IPADDRESS:PORT/worklight/apps/services/api/MyApp/ipad/query] failure. state: 404, response: The server was unable to process the request from the application. Please try again later."
What am i missing and What changes do i have to make to make the request to work.?
The steps you are describing are not clear.
Make sure you are following the steps as provided in the IBM Worklight Knowledge Center.
First make sure the Worklight Server deployment to the application server was done correctly
You can verify this then by loading the Worklight Console (there will be no deployed projects)
Then follow the Worklight project (.war, .wlapp, .adapter) deployment to the Worklight Server instructions
You can verify this then by loading the Worklight Console (there will be 1 deployed application)
I am using Worklight 6.2 consumer edition. When I deploy my app, following warning flashes on server console:
[WARNING ] FWLSE0259W: Application authenticity protection is not being performed within the Worklight Development Server. In order to fully test Application authenticity protection, deploy the application to a non-development Worklight Server (i.e. external Worklight Server). [project MyProject].
I am using Web Sphere Liberty Profile 8.5.5.1 server. Pls advise how to make this warning make go away?
As the message says, if you are trying to test Application Authenticity Protection in Worklight Studio (the Eclipse development environment of Worklight), Authenticity protection is not supposed to work.
To test Application Authenticity in Worklight 6.2, you must deploy Worklight using IBM Installation Manager to your Application Server (WAS, Liberty, Tomcat), as well as your .war, .wlapp, .adapters, etc... and set it up in Worklight Console belonging to this instance of Worklight.
Only then should it work.
Anyone know how to configure v6.2 to LDAP to authenticate on the console (localhost:10080/worklightconsole/). On v6.1, this is done in authenticationConfig.xml but the migration process to v6.2, automatically removed all the configuration that was configure to use LDAP to secure the console with this comment:
"IBM migration removed customSecurityTest named WorklightConsole. IBM migration removed realm named WorklightConsole. It is not supported as of Worklight v6.2"
I have already tried following this PDF and still not working - http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v620/09_11_Using_LDAP_login_module_to_authenticate_user_with_LDAP_server_in_hybrid_applications.pdf
Thanks
In previous versions of Worklight, Worklight Console protection was handled by Worklight's security framework. Starting v6.2, this is now handled by the underlying application server, be it WAS, WAS Liberty profile or Tomcat.
In Worklight Studio WAS Liberty profile is used, so you will need to follow these instructions: http://www-01.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.installconfig.doc/appcenter/t_ac_lib_ldap.html?lang=en
For other application servers follow the relevant instructions from here: http://www-01.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.installconfig.doc/appcenter/c_ac_ldap_jndi.html?lang=en
I have configured and enabled the App Authenticity in my application using custom Security. Added the security test property in my Application discriptor xml file. In my worklight console the respective application gives me the option to enable the App Authenticity.
Now how to test this feature. Fail case senario. How to explicitly fail the client app for app authenticity. My eithcal Hacking team want to perform this testing.
Thanks.
Easiest way to simulate it would be to:
Deploy your application to the server, build the generated project and install it on the device. See that it works.
Depending on the environment, in application-descriptor.xml:
for Android, alter the signing key used and re-deploy to the server
for iOS, alter the bundleId and re-deploy to the server
Re-launch the already install application, it should now fail.
Note:
In Worklight 6.2 application authenticity will only work with an external application server that Worklight Server is deployed to. Otherwise the feature will "always work" when testing in the Worklight Development Server.
In Worklight 6.1 application authenticity will use a "dummy" challenge when used in the Worklight Developer edition; to really test the feature in v6.1, you must use Worklight Studio and Server based on the Consumer or Enterprise editions.
I am running Worklight Studio 6 from Worklight Enterprise Edition download with Eclipse Juno.
My application is using form security with the WASLTPA login module. The application tests correctly.
When I add AppAuthenticity (needed for device provisioning) my client sees the following error in the console. (None in the server log)
Failed to load resource: the server responded with a status of 401 (Unauthorized)
drilling deeper I see:
/*-secure-
{"challenges":{"wl_authenticityRealm":{"WL-Challenge-Data":"o97e2ph8kguqh1vpljbio1o5k3+23.507-9.852-31.807 "}}}*/
I am running this on the Worklight Development Server packaged with Worklight Studio.
You have mentioned both the Enterprise Edition and Developer Edition.
Please clarify your question with the following: You have installed Worklight using the IBM Installation Manager, yes?
You have an application server (Tomcat/WebSphere/Liberty) installed and you've used the supplied Ant scripts to create the Worklight database(s), configure them, deploy the Worklight platform files to the application server, as well as deploy your project's .war file? (and of course the .wlapp /.adapter file(s)...).
If you have done the above, then you will have in your Worklight Server, now installed on the application server, the required components for App Authenticity to work.
Then there is the case of how you actually configured your project for App Authenticity.
Make sure you follow these steps to set up App Authenticity