Worklight adapter authentication using different authenticator

0
votes

This is a generalization of my scenario: the user of a client app, when challenged for security, could choice to authenticate using more than one method, each one different as parameters (and backend systems to be called, in a more complex scenario).

for example:
- choice A using (id, pwd)
- choice B using (name, cellnum, token)
- choice C using (platenumber)

I'm thinking about a possible first solution where define different "submitAuthentication"-like backend procedures, each one with different signature, that the client calls based on the user's choice.

A possible second solution (really I don't like), to have a single "submitAuthentication"-like backend procedure where first parameters determines the kind of the choice, and following parameters will be mapped on the expected ones.

Is there some guidelines in order to realize that?

thanks.

1
ibm-mobilefirstworklight-adaptersworklight-security

1 Answers

1
votes

There are multiple ways to accomplish utilizing multiple inputs for authentication. I would suggest looking over the authentication presentations and accompanying samples provided by Worklight:

Authentication Concepts: http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v610/08_01_Authentication_concepts.pdf

Form Based Authentication: http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v610/08_02_Form_based_authentication.pdf

Adapter Based Authentication: http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v610/08_03_Adapter_based_authentication.pdf

Custom Authenticator and Login Module: http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v610/08_04_Custom_Authenticator_and_Login_Module.pdf

As I stated looking at your above scenario you could take many routes to accomplish this. I would say your decisions would mostly be based around what design the login would have on the client side. You could have something as simple as having the user choose what kind of login credentials they want to use and have the different situations handled in your challenge handler.