如何从适配器获取用户标识 [英] How to get user id from adapter
问题描述
使用Mobilefirst Platform 7.1,
Using Mobilefirst Platform 7.1,
我有一个自定义身份验证器和登录模块。它类似于 docs
I have a custom authenticator and login module. It the similar as the sample in the docs
我还有一个带有端点的java适配器,该端点受到使用验证器和登录模块的域的保护。
I also have an java adapter with an endpoint that is protected with a realm that uses the authenticator and login modules.
WLServerAPI serverAPI= WLServerAPIProvider.getWLServerAPI();
@Path("/qdef")
@Produces("application/json")
@GET
@OAuthSecurity(scope="MyAuthenticatorRealm")
public Response getQdef(){
SecurityAPI security = serverAPI.getSecurityAPI();
/** Next line appears in below stack trace as com.ibm.jp.SubqmjrPcApiResource.getQdef(SubqmjrPcApiResource.java:92) **/
OAuthUserIdentity identity = security.getSecurityContext().getUserIdentity();
String username = identity.getId(); // *** identity is null ***
String displayName = identity.getDisplayName();
logger.info("id:"+username+", name:"+displayName);
...
}
但是,自发生异常以来该端点返回500 。标识对象是 null 。为什么是这样?这是访问用户ID的正确方法吗?
However that endpoint return 500 since an exception occurs. identity object is null. Why is this? Is this the correct way of accessing user id?
我检查过的事情:
-
Authenticator似乎工作正常:我第一次调用api时,我的浏览器应用程序进入登录流程。我已经使用调试器检查过身份验证器是否正确持有
用户名和密码。此外,我已检查getAuthenticationData()方法是否正确生成了包含此类信息的地图。
Authenticator seems to works fine: The first time I call the api, my browser app enters the login flow. I have checked with the debugger that the authenticator correctly holds
usernameandpassword. Also I have checked thatgetAuthenticationData()method correctly makes a Map with such info.
登录模块似乎工作得很好。它已正确初始化,并在登录(Map< String,Object> authenticationData)方法接收正确的信息。它存储用户名和密码,以便稍后在 UserIdentity createIdentity(String loginModule)方法中创建 UserIdentity 对象。我已检查此方法是否包含正确的数据。
Login module seems to work fine too. It is correctly initialised and it receives correct info at login(Map<String, Object> authenticationData) method. It stores the username and password to later create an UserIdentity object in UserIdentity createIdentity(String loginModule) method. I have checked that this method contains the right data.
客户端浏览器应用已成功收到 {authStatus:required} 然后 {authStatus:completed} 。在达到 getQdef()方法之前。
The client browser app successfully received {authStatus:"required"} and then {authStatus:"completed"}. Prior to reach inside the getQdef() method.
这只是错误和堆栈跟踪的提示(向右滚动以查看文件/行):
This is just the tip of the error and stack trace (scroll right to see the file/lines):
[8/27/15 15:53:39:235 JST] 0000008b ication.internal.jaas.modules.UsernameAndPasswordLoginModule A CWWKS1100A: Authentication did not succeed for user ID oLs3jn4fNG. An invalid user ID or password was specified.
[8/27/15 15:53:39:350 JST] 000000b0 SystemErr R java.util.zip.ZipException: zip file is empty
[8/27/15 15:53:39:350 JST] 000000b0 SystemErr R at java.util.zip.ZipFile.open(Native Method)
[8/27/15 15:53:39:351 JST] 000000b0 SystemErr R at java.util.zip.ZipFile.<init>(ZipFile.java:220)
[8/27/15 15:53:39:351 JST] 000000b0 SystemErr R at java.util.zip.ZipFile.<init>(ZipFile.java:150)
[8/27/15 15:53:39:351 JST] 000000b0 SystemErr R at java.util.jar.JarFile.<init>(JarFile.java:166)
[8/27/15 15:53:39:351 JST] 000000b0 SystemErr R at java.util.jar.JarFile.<init>(JarFile.java:130)
[8/27/15 15:53:39:351 JST] 000000b0 SystemErr R at com.worklight.adapters.rest.ParentLastClassLoader.findResourceInURL(ParentLastClassLoader.java:522)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at com.worklight.adapters.rest.ParentLastClassLoader.internalFindResource(ParentLastClassLoader.java:472)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at com.worklight.adapters.rest.ParentLastClassLoader.internalFindClass(ParentLastClassLoader.java:212)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at com.worklight.adapters.rest.ParentLastClassLoader.loadClass(ParentLastClassLoader.java:128)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at com.ibm.jp.SubqmjrPcApiResource.getQdef(SubqmjrPcApiResource.java:92)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[8/27/15 15:53:39:352 JST] 000000b0 SystemErr R at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
[8/27/15 15:53:39:353 JST] 000000b0 SystemErr R at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[8/27/15 15:53:39:353 JST] 000000b0 SystemErr R at java.lang.reflect.Method.invoke(Method.java:497)
[8/27/15 15:53:39:353 JST] 000000b0 SystemErr R at org.apache.wink.server.internal.handlers.InvokeMethodHandler.handleRequest(InvokeMethodHandler.java:63)
我试过的用户/密码是 admin / 管理员。所以我不知道这个消息是来自哪里。我想知道我错过了什么?
The user/password I tried was admin/admin. So I have no idea were does that message comes from. I wonder what I am missing?
非常感谢任何帮助。
编辑2015/08/27 17:28 +0900
是这种消息:用户ID KRJxLToMJb的身份验证未成功。指定了无效的用户ID或密码。与
相关的结果是 securityContext.toJSON()。toString()?
{"imf.application":{"environment":"common","id":"subqmgr","version":"1.0"}, "imf.sub":"::KRJxLToMJb","imf.device":{"osVersion":"","model":"","id":"","platform":null}, "imf.user":null}`
推荐答案
为了使适配器能够访问用户ID,您的应用程序描述符需要包含 userIdentityRealms 的值。
In order for adapters to have access to the User ID, your application descriptor needs contains a value for userIdentityRealms.
这篇关于如何从适配器获取用户标识的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
