I am testing device SSO using mobile security test and I have used Adapter authentication. I have created two apps in a same project and my authenicationConfig.xml
looks something like this
<staticResources>
<resource id="subscribeServlet" securityTest="SubscribeServlet">
<urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
</resource>
</staticResources>
<securityTests>
<mobileSecurityTest name="AuthSecurityTest">
<testDeviceId provisioningType="none" />
<testUser realm="AuthRealm" sso="true" />
</mobileSecurityTest>
</securityTests>
<realms>
<realm loginModule="AuthLoginModule" name="AuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AuthAdapter.onAuthRequired"/>
<parameter name="logout-function" value="AuthAdapter.onLogout"/>
</realm>
<realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
<realm name="SubscribeServlet" loginModule="rejectAll">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm>
</realms>
<loginModules>
<loginModule name="AuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="StrongDummy" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="requireLogin" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
</loginModule>
<loginModule name="rejectAll" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.RejectingLoginModule</className>
</loginModule>
</loginModules>
AuthAdapter.xml:
<procedure name="submitAuthentication" securityTest="wl_unprotected" />
<procedure name="getSecretData" securityTest="AuthSecurityTest"/>
<procedure name="getSecretData2" securityTest="AuthSecurityTest"/>
The above getSecretdata
is called from app1 and getSecretdata
is called from app2.
AuthAdapter.js:
function onAuthRequired(headers, errorMessage){
errorMessage = errorMessage ? errorMessage : null;
return {
authStatus: "credentialsRequired",
errorMessage: errorMessage
};
}
function submitAuthentication(username, password){
if (username==="user" && password === "password"){
var userIdentity = {
userId: username,
displayName: username,
attributes: {
foo: "bar"
}
};
WL.Server.setActiveUser("AuthRealm", userIdentity);
return {
authStatus: "complete"
};
}
return onAuthRequired(null, "Invalid login credentials");
}
function getSecretData(){
return {
secretData: "Very very very very secret data"
};
}
function getSecretData2(){
return {
secretData: "Very very very very secret data222222222222222222"
};
}
function onLogout(){
WL.Logger.debug("Logged out");
}
Can anyone tell me what am I doing wrong. How can I access second app without logging in.
I did read the question posted in App will throw exception at when I first login when device SSO is enabled but did not get a clear picture about Authadapter.xml
. Also how do I enable SSO for wl_unprotected
security test?
I get the following error in the Worklight console when I try to after logging in.
[ERROR ] FWLSE0059E: Login into realm 'AuthLoginModule' failed. Stream unable to set size. [project DSSO] Stream unable to set size
[ERROR ] FWLSE0117E: Error code: 4, error description: AUTHENTICATION_ERROR, error message: An error occurred while performing authentication using loginModule AuthLoginModule, User Identity Not available. [project DSSO] [project DSSO]
I am trying out Worklight Device SSO for the first time