我的理解是worklight提供的认证机制是基于需求的 - 当你访问一些受保护的资源时,客户端ChallengeHandler将被调用。worklight client connect()来调用ChallengeHandler
但是,我们遇到了一个非常奇怪的情况 - 只要客户端调用WLClient :: connect方法,挑战处理程序就会被调用。我们甚至还没有开始调用适配器方法。
认证-config.xml中
<?xml version="1.0" encoding="UTF-8"?>
<tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- Licensed Materials - Property of IBM 5725-I43 (C) Copyright IBM Corp.
2006, 2013. All Rights Reserved. US Government Users Restricted Rights -
Use, duplication or disclosure restricted by GSA ADP Schedule Contract with
IBM Corp. -->
<securityTests>
<mobileSecurityTest name="UserAuthSecurityTest">
<testUser realm="UserAuthRealm" />
</mobileSecurityTest>
<mobileSecurityTest name="PushNotificationSecurityTest">
<testUser realm="UserAuthRealm" />
<testDeviceId provisioningType="none" />
</mobileSecurityTest>
</securityTests>
<realms>
<realm loginModule="AuthLoginModule" name="UserAuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="UserAuthAdapter.onAuthRequired" />
<parameter name="logout-function" value="UserAuthAdapter.onLogout" />
</realm>
</realms>
<loginModules>
<loginModule name="AuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
</tns:loginConfiguration>
应用descriptor.xml
<android securityTest="PushNotificationSecurityTest" version="3.0.1">
<worklightSettings include="false"/>
<pushSender key="..." senderId="..."/>
<security>
<encryptWebResources enabled="false"/>
<testWebResourcesChecksum enabled="false" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
<publicSigningKey>........</publicSigningKey>
</security>
</android>
authenticationConfig.xml不显示或帮助。您是否在application-descriptor.xml中的环境中设置了securityTest?如果你有,这将解释。 – 2014-10-06 15:11:03
@IdanAdar您是否在谈论securityTest是这个“全局认证”的根本原因?我马上试试这个 – Qylin 2014-10-06 15:22:11
这就是我所说的。 – 2014-10-06 15:22:37