
I am attempting to get a modified sample project working with the HeaderLoginModule and HeaderAuthenticator to protect an adapter and then call an adapter function from the sample project by setting the headers and using the WLResourceRequest JavaScript API. I believe that based on my configuration of the loginModule, where I am setting a user-name-header value, and setting this in the header of the WLResourceRequest and then calling send(), that this should provide the user object and then the adapter should be accessible. For some reason though I still get 500 and the log shows 401/unauthorized.

Here are the steps I used to set up this sample:

1) git clone the Cordova sample project at https://github.com/MobileFirst-Platform-Developer-Center/Cordova

2) Added the following sections to authenticationConfig.xml (within the appropriate sections)

    <loginModule name="HeaderLoginModule" audit="true">
        <className>com.worklight.core.auth.ext.HeaderLoginModule</className>
        <parameter name="user-name-header" value="plentyid"/>
        <parameter name="display-name-header" value="customername"/>
    </loginModule>

    <realm name="MyRealm" loginModule="HeaderLoginModule">
        <className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
    </realm>

    <mobileSecurityTest name="MyMobileSecurityTest">
        <testUser realm="MyRealm" />
        <testDeviceId provisioningType="none" />
    </mobileSecurityTest>

3) Secured the adapter with the security test by changing this line in the adapter XML file

    <procedure name="getFeed" securityTest="MyMobileSecurityTest"/>

4) Changed the getRSSFeed function as follows

    getRSSFeed: function () {
        var resourceRequest = new WLResourceRequest(
            "/adapters/RSSAdapter/getFeed",
            WLResourceRequest.GET);
        // Header names match the user-name-header / display-name-header
        // parameters of the HeaderLoginModule configured above.
        resourceRequest.addHeader("plentyid", "1234");
        resourceRequest.addHeader("customername", "John Smith");
        resourceRequest.setHeader("plentyid", "1234");
        resourceRequest.setHeader("customername", "John Smith");
        // Log the headers that will be sent with the request.
        WL.Logger.info(resourceRequest.getHeaders());
        resourceRequest.send().then(app.getRSSFeedSuccess, app.getRSSFeedError);
    }

** I will say on the above I could not tell whether to addHeader or setHeader from the documentation. I tried both separately, then both together. They seem to be set from looking at the call to getHeaders().

Thanks for any help with figuring out why this is still 401/Unauthorized when clicking the Adapter button in the app after I mfp push both the RSSAdapter project (MFP) and the Cordova project (app).

user3795225
  • Would you be able to use Wireshark to observe the traffic? Let's take a look at the request you are sending, and at the 401 you are getting. – Nathan H Jan 18 '16 at 07:19
  • Here are request headers from browser Network tab: Host: 192.168.1.9:10080 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Firefox/38.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate plentyid: 1234 customername: John Smith Referer: http://192.168.1.9:10080/ThisWorks/apps/services/preview/com_ibm_CordovaApp/android/1.0.0/default/index.html?mbs.preventCache=1453125033593 Cookie: WL_PERSISTENT_COOKIE=15639daf-5f02-4472-af2e-f2acdb16eb4f; testcookie=oreo Connection: keep-alive – user3795225 Jan 18 '16 at 13:53
  • Here are response headers from browser Network tab: Content-Encoding: gzip Content-Length: 41 Content-Type: text/plain; charset=UTF-8 Date: Mon, 18 Jan 2016 13:54:56 GMT WWW-Authenticate: Bearer realm="imfAuthentication", scope="wl_antiXSRFRealm wl_remoteDisableRealm wl_deviceNoProvisioningRealm wl_directUpdateRealm MyRealm" x-powered-by: Servlet/3.0 – user3795225 Jan 18 '16 at 13:57
  • I see you mention a "browser" network tab. This is not a mobile application? From the responses you get I already see that it uses a device realm which means it requires a device. Also WLResourceRequest is meant to be used on mobile devices. – Nathan H Jan 18 '16 at 15:30
  • I am testing in Mobile Browser simulator. Let me try testing on the Android emulator to see if this makes a difference. Good call. – user3795225 Jan 18 '16 at 16:10
  • I tested today on the iOS Simulator and this still failed. Looking for other ideas. – user3795225 Jan 19 '16 at 02:28
  • Can you intercept the traffic with Wireshark with the iOS simulator? Also important, if you use ios make sure to read this: https://developer.ibm.com/mobilefirstplatform/2015/09/09/ats-and-bitcode-in-ios9/ – Nathan H Jan 19 '16 at 09:59
  • By the way it's OK to get some 401s, it's part of the authentication process. But of course after a few back-and-forth you should see the data. – Nathan H Jan 19 '16 at 10:00
  • I will try intercepting the traffic with Wireshark and post back. In the meantime, a question since I am new to MFP security. If I am using header auth, does it require that I code a challenge handler as I would if I was using form-based auth? – user3795225 Jan 20 '16 at 02:18
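
The 401 response quoted in the comments above carries a `WWW-Authenticate: Bearer` challenge whose `scope` names several realms. The following is an added example, not code from the thread or from MobileFirst itself, that parses such a header so the realm names can be read off while debugging; the function names are hypothetical, and treating the `wl_` prefix as marking platform realms is an assumption.

```javascript
// Added example, not code from the thread. The header value is copied from the
// 401 response quoted in the comments.
const SAMPLE_CHALLENGE =
  'Bearer realm="imfAuthentication", scope="wl_antiXSRFRealm wl_remoteDisableRealm ' +
  'wl_deviceNoProvisioningRealm wl_directUpdateRealm MyRealm"';

// Parse '<scheme> name="value", name=token' into { scheme, params }.
// Accepts quoted strings (with backslash escapes) and bare tokens; throws on
// anything left unparsed so a truncated header is not silently accepted.
function parseChallenge(header) {
  const head = /^\s*([!#$%&'*+.^_`|~0-9A-Za-z-]+)(?:\s+|$)/.exec(header);
  if (!head) throw new Error("missing auth scheme");
  const param =
    /\s*([!#$%&'*+.^_`|~0-9A-Za-z-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,"]+))\s*(?:,|$)/y;
  const params = {};
  param.lastIndex = head[0].length;
  while (param.lastIndex < header.length) {
    const pos = param.lastIndex;
    const m = param.exec(header);
    if (!m) throw new Error("malformed auth-param at offset " + pos);
    // Unescape quoted-string values; bare tokens are used as-is.
    params[m[1].toLowerCase()] =
      m[2] !== undefined ? m[2].replace(/\\(.)/g, "$1") : m[3];
  }
  return { scheme: head[1], params };
}

// List the realm names in the challenge's scope. Assumption of this example:
// names starting with "wl_" are platform realms, the rest are app-defined.
function realmsInChallenge(header) {
  const { scheme, params } = parseChallenge(header);
  const scope = (params.scope || "").split(/\s+/).filter(Boolean);
  return {
    scheme,
    realm: params.realm || null,
    platform: scope.filter((name) => name.startsWith("wl_")),
    custom: scope.filter((name) => !name.startsWith("wl_")),
  };
}

console.log(realmsInChallenge(SAMPLE_CHALLENGE));
```

Run against the header from the thread, this reports `MyRealm` as the only realm in the scope without the `wl_` prefix.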

0 Answers