Worklight LDAP Authentication logout from LDAPRealm

1
votes

I am trying to make an LDAP authentication system using IBM Worklight Studio 6.2.0.01

The login system works fine, no problem with that part, but the logout function doesn't actually log out the user!

Realm: 

<realm loginModule="LDAPLoginModule" name="LDAPRealm">
    <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>

LoginModule: 

<loginModule name="LDAPLoginModule">
    <className>com.worklight.core.auth.ext.LdapLoginModule</className>
    <parameter name="ldapProviderUrl" value="<Correct LDAP URL ( For security left blank on stackoverflow )>"/>
    <parameter name="ldapTimeoutMs" value="2000"/>
    <parameter name="ldapSecurityAuthentication" value="simple"/>
    <parameter name="validationType" value="exists"/>
    <parameter name="ldapSecurityPrincipalPattern" value="{username}"/>
</loginModule>

SecurityTest:

<customSecurityTest name="LDAPSecurityTest">
    <test realm="wl_directUpdateRealm" step="1"/>
    <test isInternalUserID="true" realm="LDAPRealm"/>
</customSecurityTest>

AdapterXML (important part) 

<procedure name="getUsername"  securityTest="LDAPSecurityTest" />
<procedure name="onLogout" />

AdapterJS

function getUsername(){
    return {username: ""};
}

function onLogout(){
    WL.Server.setActiveUser("LDAPRealm", null);
}

The getUsername function gets called everytime the app wants to check if a user is currently logged in, it has NO function other than that.

The logout function (App-side)

$scope.setUsername = function(){
    var invocationData = { adapter: "DummyAdapter", procedure: "getUsername"} 
    WL.Client.invokeProcedure(invocationData, {
        onSuccess: function(result){}, 
        onFailure: function(result){);
}

$scope.logout = function(){
    WL.Client.logout("LDAPRealm", {onSuccess: $scope.setUsername});
}

Result: This makes the app go to the login page by noticing the user has logged out, only problem is.. it hasn't completely logged out the user. What can I do to make the user completely logged out?

PS: Why don't I use WL.Client.reloadApp after WL.Client.logout()? Two reasons:

  1. White screen and reloading the whole app is just dirty, it's not user friendly at all.
  2. WL.Client.reloadApp gives a fatal signal 11 ( code 1 ) on Android Lollipop ( Android 5.0 ). At least, this is with my worklight version (6.2.0.01).

Please, is there a way I can avoid WL.Client.reloadApp and still log out the user from the server? If not: What may cause the fatal signal 11 ( code 1 ) error in Android Lollipop? I've tested it thoroughly on iOS 8.0, Android 2.3.5, Android 4.4.2 and Android 5.0. Only one that fails is the 5.0

Thank you and sorry for the long post

1
authenticationibm-mobilefirstworklight-adaptersworklight-serverworklight-security
Hi. While I do not have a solution for you, I did want to let you know that the bug with WL.Client.reloadApp not working in Android 5.0 is being investigated. Thanks for the report. - Idan Adar
I have already found a workaround for my application, this involves not having to use WL.Client.reloadApp() at all. I have also tested the WL.Client.reloadApp without anything else.. i mean: No AngularJS, no Ionic, no whatever. Only pure html css and javascript. It still only crashes on android 5.0 - ErikBrandsma
Thanks. Can you please write your solution as an answers for others to benefit from it? - Idan Adar
Sure, just posted it - ErikBrandsma

1 Answers

1
votes

I have fixed the problem by removing the WL.Client.reloadApp function from logout onsuccess, I did this as such:

$scope.logout = function(){
        WL.Client.logout("LDAPRealm", {onSuccess: function(){ 
            $scope.setUsername() // <-- this function is the secret function
                                 //     that triggers the securitytest
                                 //     which then gives back the login page because
                                 //     you had just logged out :)
        }});
}

As for the adapter not logging out the user: This comment was false, this bug was originating from another problem. So my code which was posted on StackOverflow was fine. But still:

Android 5.0 and WL.Client.reloadApp don't go to well (5th November 2014 in case an update fixes this)