
I am working on LDAP authentication. I downloaded the example from the IBM Worklight Foundation getting-started site (http://www.ibm.com/developerworks/mobile/worklight/getting-started.html).

After completing all the configuration, I see that LDAP authentication is not working.

As per the example, the method getSecretData should execute only after successful authentication through the login form.

But even if I give wrong credentials, it takes me to the getSecretData method.

Please help!!

Find the code below.

HTML page :

    <!-- Main application view: one button calls the protected adapter procedure, the other logs out of the LDAPRealm realm and reloads the app. -->
    <div id="AppDiv">
        <div class="header">
            <h1>LDAPApp</h1>
        </div>  
        <div class="wrapper">
            <input type="button" value="Call protected adapter proc" onclick="getSecretData()" />
            <input type="button" value="Logout" onclick="WL.Client.logout('LDAPRealm',{onSuccess: WL.Client.reloadApp})" />
        </div>
        <!-- The adapter call's callback writes its output here. -->
        <div id="resultDiv"></div>
    </div>

    <!-- Login view, hidden by default; the challenge handler script shows it when it detects a login challenge and hides it again afterwards. -->
    <div id="AuthDiv" style="display:none">
        <div id="loginForm">
            Username:<br/>
            <input type="text" id="usernameInputField" value=""/><br />
            Password:<br/>
            <input type="password" id="passwordInputField" value=""/><br/>      
            <input type="button" id="loginButton" value="Login" />
            <input type="button" id="cancelButton" value="Cancel" />
        </div>
    </div>

    <!-- LDAPRealmChallengeHandler.js binds click handlers to #loginButton and #cancelButton as soon as it loads, so it is included after the form markup above. -->
    <script src="js/initOptions.js"></script>
    <script src="js/LDAPApp.js"></script>
    <script src="js/messages.js"></script>
    <script src="js/LDAPRealmChallengeHandler.js"></script>
</body>

LDAPRealmChallengeHandler.js

// Create the client-side challenge handler for the realm named "LDAPRealm";
// this string has to match the realm name declared in authenticationConfig.xml.
var LDAPRealmChallengeHandler = WL.Client.createChallengeHandler("LDAPRealm");

LDAPRealmChallengeHandler.isCustomResponse = function(response) {
    // Decide whether a server response is the login form (a challenge).
    // Returns true only when the response body mentions "j_security_check".
    var body = response && response.responseText;
    if (!body) {
        // No response or an empty body: nothing to treat as a challenge.
        return false;
    }

    // This is a text heuristic on the page content, not proof of the
    // authentication state; the server-side security test is what actually
    // protects the adapter procedure.
    return body.indexOf("j_security_check") !== -1;
};

LDAPRealmChallengeHandler.handleChallenge = function(response){
    // A login challenge arrived: replace the application view with the login form.
    var appView = $('#AppDiv');
    var loginView = $('#AuthDiv');
    appView.hide();
    loginView.show();

    // Clear any previously typed password so it is never re-shown or re-submitted.
    $('#passwordInputField').val('');
};

$('#loginButton').bind('click', function () {
    // Submit the typed credentials to the form-based login endpoint.
    // The field names j_username / j_password are the ones the form
    // authenticator expects.
    var loginRequest = {
        parameters: {
            j_username: $('#usernameInputField').val(),
            j_password: $('#passwordInputField').val()
        },
        headers: {}
    };

    LDAPRealmChallengeHandler.submitLoginForm(
        '/j_security_check',
        loginRequest,
        LDAPRealmChallengeHandler.submitLoginFormCallback
    );
});

$('#cancelButton').bind('click', function () {
    // The user gave up on logging in: restore the application view first...
    $('#AppDiv').show();
    $('#AuthDiv').hide();

    // ...then tell the framework the challenge was not answered, so the
    // pending protected request is failed rather than left waiting.
    LDAPRealmChallengeHandler.submitFailure();
});

 LDAPRealmChallengeHandler.submitLoginFormCallback = function(response) {
    // The server answered the login POST. If the answer is the login form
    // again, the credentials were not accepted: show the form once more.
    if (LDAPRealmChallengeHandler.isCustomResponse(response)) {
        LDAPRealmChallengeHandler.handleChallenge(response);
        return;
    }

    // Every other response is treated as a successful login, including any
    // response that merely lacks the "j_security_check" marker (an error page
    // would qualify). This only drives the UI; whether the protected
    // procedure runs is decided by the server.
    $('#AppDiv').show();
    $('#AuthDiv').hide();
    LDAPRealmChallengeHandler.submitSuccess();
 };

LDAPApp.js 

 function wlCommonInit(){
     // Hook for common initialization code; intentionally empty in this sample.
 }

 function getSecretData(){
     // Call the protected "getSecretData" procedure of DummyAdapter.
     // The procedure takes no arguments.
     var request = {
         adapter: "DummyAdapter",
         procedure: "getSecretData",
         parameters: []
     };

     // Success and failure are both routed to the same callback;
     // the timeout value is passed through to invokeProcedure as-is.
     var handlers = {
         onSuccess: getSecretData_Callback,
         onFailure: getSecretData_Callback,
         timeout: 2000
     };

     WL.Client.invokeProcedure(request, handlers);
 }

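 /**
  * Render the outcome of the getSecretData adapter call into #resultDiv.
  *
  * This function is registered for both onSuccess and onFailure, so the
  * response is not guaranteed to carry an invocationResult; the original
  * dereferenced it unconditionally and would throw on such a response.
  *
  * @param response the object the framework passes to the callback.
  */
 function getSecretData_Callback(response){
     var result = response && response.invocationResult;
     var hasData = !!result && result.secretData !== undefined;

     var line = hasData
         ? "Secret data :: " + result.secretData
         : "Secret data :: (request failed, no data returned)";

     $("#resultDiv").html(new Date() + "<hr/>");
     // Insert the value as a text node: data returned by the server is
     // displayed as text and never parsed as HTML.
     $("#resultDiv").append(document.createTextNode(line));
 }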

  DummyAdaptor.xml 

 <displayName>DummyAdapter</displayName>
  <description>DummyAdapter</description>

 <!-- Back-end connection settings. The procedure implementation shown on this page returns a constant and makes no HTTP call, so these values look like placeholders. -->
 <connectivity>
 <connectionPolicy xsi:type="http:HTTPConnectionPolicyType">
  <protocol>http</protocol>
  <domain>none</domain>
  <port>80</port>     
 </connectionPolicy>
 <loadConstraints maxConcurrentConnectionsPerNode="2" />
 </connectivity>

 <!-- securityTest names the security test that guards this procedure; the name has to match the customSecurityTest "LDAPSecurityTest" declared in authenticationConfig.xml. -->
 <procedure name="getSecretData"  securityTest="LDAPSecurityTest" />
 </wl:adapter>

DummyAdaptor-impl.js

  function getSecretData(){
    // Adapter procedure: returns a fixed sample value under the key "secretData".
    var result = {};
    result.secretData = 1234;
    return result;
  }

   authenticationConfig.xml 

   <securityTests>
    <!-- Security test referenced by the adapter procedure (securityTest="LDAPSecurityTest"). It lists two realms: the direct-update realm as step 1, then LDAPRealm, which also supplies the internal user identity. -->
    <customSecurityTest name="LDAPSecurityTest">
        <test realm="wl_directUpdateRealm" step="1"/>
        <test isInternalUserID="true" realm="LDAPRealm"/>
    </customSecurityTest>

 </securityTests>
 <realms>
    <!-- LDAPRealm: form-based authenticator on the front, LDAPLoginModule as the credential check behind it. -->
    <realm loginModule="LDAPLoginModule" name="LDAPRealm">
        <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
        <!-- The server log posted with this configuration reports "File not found: /console" (SRVE0190E), so this path does not exist in the deployed project. -->
        <onLoginUrl>/console</onLoginUrl>
    </realm>
 </realms>
 <loginModules>
    <!-- Defined here but not referenced by any realm shown in this file. -->
    <loginModule name="rejectAll">
        <className>com.worklight.core.auth.ext.RejectingLoginModule</className>
    </loginModule>
    <loginModule name="LDAPLoginModule">
        <className>com.worklight.core.auth.ext.LdapLoginModule</className>
        <!-- Plain ldap:// sends the bind, including any password, unencrypted; prefer ldaps:// where the directory offers it. -->
        <parameter name="ldapProviderUrl" value="ldap://xyz"/>
        <parameter name="ldapTimeoutMs" value="120000"/>
        <!-- NOTE(review): in JNDI terms "none" is an anonymous bind, i.e. the entered password is not presented to the directory. "simple" is the usual value for username/password binds. Confirm against the LdapLoginModule documentation. -->
        <parameter name="ldapSecurityAuthentication" value="none"/>
        <!-- NOTE(review): "exists" appears to accept the login whenever the LDAP bind succeeds. Combined with an anonymous bind above, that would accept any username/password pair, which matches the behaviour described in the question. Verify before relying on this realm. -->
        <parameter name="validationType" value="exists"/>
        <!-- Pattern for the bind principal; {username} is replaced with the name typed into the login form. -->
        <parameter name="ldapSecurityPrincipalPattern" value="{username}@in.ibm.com"/>
        <!-- Search filter and base; presumably only consulted when validationType selects a search-based check (TODO confirm). -->
        <parameter name="ldapSearchFilterPattern" value="(&amp;(mail=%v)(|(objectclass=ibmPerson)(objectclass=eperson)))"/>
        <parameter name="ldapSearchBase" value="c=in,ou=bluepages,o=ibm.com"/>
    </loginModule>
</loginModules>
</tns:loginConfiguration>

I am not sure what is wrong. I get the error below in the console, yet the app still lets me access getSecretData even if I give wrong credentials.

[ERROR ] FWLSE0048E: Unhandled exception caught: SRVE0190E: File not found: /console java.io.FileNotFoundException: SRVE0190E: File not found: /console at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:528) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:127) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:88) at com.worklight.core.auth.impl.AuthenticationFilter$1.execute(AuthenticationFilter.java:205) at com.worklight.core.auth.impl.AuthenticationServiceBean.accessResource(AuthenticationServiceBean.java:76) at com.worklight.core.auth.impl.AuthenticationFilter.doFilter(AuthenticationFilter.java:209) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:194) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:85) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:968) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1056) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:4510) at com.ibm.ws.webcontainer.osgi.DynamicVirtualHost$2.handleRequest(DynamicVirtualHost.java:282) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:954) at com.ibm.ws.webcontainer.osgi.DynamicVirtualHost$2.run(DynamicVirtualHost.java:252) at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink$TaskWrapper.run(HttpDispatcherLink.java:584) at com.ibm.ws.threading.internal.Worker.executeWork(Worker.java:439) at com.ibm.ws.threading.internal.Worker.run(Worker.java:421) at java.lang.Thread.run(Unknown Source) [project module_23_2_LDAPLoginModule] SRVE0190E: File not found: /console

Please show the DummyAdapter XML file. Did you add your security test to getSecretData() in it? – djna
Check this blog post by Marcel Stor: frightanic.com/software-development/… – Idan Adar

1 Answers


You don't need to specify onLoginUrl in your realm definition; just remove it. It is used to forward the client to a specific location after a successful login, which is irrelevant for mobile apps.