工作真实性 [英] Worklight Authenticity
问题描述
我们正在Worklight上开发混合应用程序,我们需要实现应用程序的真实性。
我们正在将Worklight Enterprise版本6.2.0.1与IBM应用程序中心一起使用。
但是,当我们在Android上启动应用程序时,我们在服务器日志上看到以下错误(iO也一样,但会提供Android日志)。
We are developing a hybrid application on Worklight, and we need to implement the app authenticity. We are using Worklight Enterprise edition 6.2.0.1 with IBM app centre. However, We are seeing the following error on the server log when we launch the app on Android (iOs the same too, but will provide Android log).
[1/19/15 15:25:05:38 EST] 00000254 WLNewAuthenti E com.worklight.core.auth.ext.appauth.WLNewAuthenticityScheme isInvalidAndroidParams FWLSE0260E:缺少或清空packageName用于android真实性检查,无法测试真实性。如果在Worklight Console中未将App Authentication设置为Disabled或Enabled,servicing,则请求将失败。 [项目MobileApp]
[1/19/15 15:25:05:388 EST] 00000254 WLNewAuthenti E com.worklight.core.auth.ext.appauth.WLNewAuthenticityScheme isInvalidAndroidParams FWLSE0260E:缺少或清空publicsigningkey以进行机器人真实性检查,无法测试真伪。如果在Worklight Console中未将App Authentication设置为Disabled或Enabled,servicing,则请求将失败。 [project MobileBanking]。
[1/19/15 15:25:05:388 EST] 00000254 WLNewAuthenti E com.worklight.core.auth.ext.appauth.WLNewAuthenticityScheme isInvalidAndroidParams FWLSE0260E: Missing or empty packageName for android authenticity check, cannot test authenticity. If App Authentication is not set to 'Disabled' or 'Enabled, servicing' in Worklight Console the request will fail. [project MobileApp] [1/19/15 15:25:05:388 EST] 00000254 WLNewAuthenti E com.worklight.core.auth.ext.appauth.WLNewAuthenticityScheme isInvalidAndroidParams FWLSE0260E: Missing or empty publicsigningkey for android authenticity check, cannot test authenticity. If App Authentication is not set to 'Disabled' or 'Enabled, servicing' in Worklight Console the request will fail. [project MobileBanking].
authenticationConfig.xml上的安全测试是:
The security test on authenticationConfig.xml is :
<securityTests>
<mobileSecurityTest name="MobileAppTestMobile">
<testAppAuthenticity/>
<testDeviceId provisioningType="auto" />
<testUser realm="MobileAppRealm" />
<testDirectUpdate mode="perSession" />
</mobileSecurityTest>
<webSecurityTest name="MobileAppTest">
<testUser realm="MobileAppRealm" />
</webSecurityTest>
<customSecurityTest name="SubscribeServlet">
<test realm="SubscribeServlet" isInternalUserID="true"/>
</customSecurityTest>
</securityTests>
application-descriptor.xml:
The application-descriptor.xml:
<iphone bundleId="ca.company.MobileApp" securityTest="MobileAppTestMobile" version="1.0">
<worklightSettings include="false"/>
<security>
<encryptWebResources enabled="true"/>
<testWebResourcesChecksum enabled="true" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
</security>
</iphone>
<android securityTest="MobileAppTestMobile" version="1.0">
<worklightSettings include="false"/>
<security>
<encryptWebResources enabled="true"/>
<testWebResourcesChecksum enabled="true" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
<publicSigningKey>"We have added our public signing key here by extracting it from our keystore file"</publicSigningKey>
</security>
</android>
我们在更新WAR文件后从头开始部署了所有应用程序。
worklight控制台显示真实性的三个值禁用 - 启用,服务 - 启用,阻止
We have deployed all the app from scratch after updating the WAR file. The worklight console shows the three values for the authenticity "Disable - Enabled, servicing - Enabled , Blocking"
当我们输入启用,阻止或启用,服务我们在帖子顶部共享的服务器上获取错误日志。
在应用程序屏幕上,我们收到错误处理来自应用程序的请求时遇到错误。
When we put "Enabled, Blocking" or "Enabled , servicing" we are getting the error log on the server that shared at the top of the post. On the app screen we are getting an error " an error was encountered while processing the request from the application".
请提供建议。
谢谢
Please advise. Thank you
推荐答案
问题已解决。
解决方案:
1-我们将authenticationConfig.xml中的MobileSecurityTest更改为customSecurityTest,如下所示,并重新部署了WAR文件:
1- we changed the MobileSecurityTest in authenticationConfig.xml to be customSecurityTest as the following, AND redeployed the WAR file:
<customSecurityTest name="MobileSecurityTest">
<test realm="wl_antiXSRFRealm" step="1"/>
<test realm="wl_authenticityRealm" step="1"/>
<test realm="wl_remoteDisableRealm" step="1"/>
<test realm="wl_directUpdateRealm" mode="perSession" step="1"/>
<test realm="wl_anonymousUserRealm" isInternalUserID="true" step="1"/>
<test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" step="2"/>
</customSecurityTest>
2-在application-descriptor.xml中:
2- In application-descriptor.xml:
对于Android,我使用Idan所说的关于添加< packageName> 属性的内容。
For android, I used what Idan said about adding the <packageName> property.
<android securityTest="MobileSecurityTest" version="1.0">
<worklightSettings include="false"/>
<security>
<encryptWebResources enabled="true"/>
<testWebResourcesChecksum enabled="true" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
<publicSigningKey>"Our public signing Key placed here"</publicSigningKey>
<packageName>ca.company.MobileTest</packageName>
</security>
</android>
对于iOS,问题出在applicationId中,我们认为applicationId值是最后一节的bundleId,
For iOS, the issue was in the applicationId, we thought the applicationId value is the last section of the bundleId,
例如:如果bundleId是com.company.Myapp,那意味着applicaiotnId是Myapp,这不是真的。
for example: if the bundleId is "com.company.Myapp" that's mean the applicaiotnId is "Myapp", which is not true.
这是不正确的定义:
<iphone bundleId="ca.company.MobileTestiPhone" applicationId="MobileTestiPhone" securityTest="MobileSecurityTest" version="1.0" >
applicationId是worklight.plist文件中的值,该文件位于iPhone或iPad本机内部文件夹和此文件是在完成构建后生成的。
AND对于我们的应用,它具有完全不同的价值。
The applicationId is the value inside the worklight.plist file, which is located inside the iPhone or iPad native folder and this file is generated after doing the build. AND for our appliction it has a totally different value.
正确的是:
<iphone bundleId="ca.company.MobileTestiPhone" applicationId="MobileTest" securityTest="MobileSecurityTest" version="1.0" >
当我们将App真实性值设置为启用时,这就是我们的WL服务器被阻止的原因,阻止。
That's why the app was being blocked from our WL server when we put the App authenticity value to "Enable,Blocking".
谢谢@Idan的帮助。
Thank you @Idan for your help.
这篇关于工作真实性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
