Do we need to call WL.Client.Login API before submitLoginForm in MobileFIrst 7.1.0 while using Formbasedauthentication (LoginModule = LDAP).
IBM documentation does not mention it but we found that if we do not call it MobileFirst Server does not send any Challenge.But we call that before submitLoginForm we receive all challenge handler and got authenticated from LDAP.
Please Advice.
Yes.
submitLoginForm() is the step where the client side code ( challengehandler) sends the credentials to the server. This is in case of Form based login.
The challenge will come from the server as a result of the application connecting to the server by:
WL.Client.connect(). In this case, if the application is protected, server throws the challenge.
WL.Client.login(realmName). If this is a custom realm, the server sends a challenge to be handled.
Invoking a protected resource using WLResourceRequest. The server responds with a challenge.
When user enters wrong credentials to an earlier challenge
When the challenge comes, you handle it in the challengehandler. The handleChallenge flow in the client ends with the client submitting the credentials in the login form and sending it to the server using the API - submitLoginForm().
