我一直在为适配器使用两项安全测试(Worklight 中适配器的两项安全测试发生冲突)。
第一个安全测试用于检查用户是否是管理员。
第二个安全测试用于检查用户是否是项目经理。
这两种角色都有不同的访问类型,需要单独处理。
因此我必须在 authenticationConfiguration.xml 中配置这两个安全测试。
对于这两个安全测试,我已经在移动应用程序中用 JavaScript 编写了各自的领域(realm)处理程序。
定义这两个安全测试的全部代码见下文。
问题:
如果调用了一个需要安全检查的过程,两个安全领域(security realm)都会被触发。但是,只有首先加载的安全测试才会持续进行验证,而另一项安全测试甚至没有收到质询(challenge)。
有人可以告诉我为什么这两个安全测试都被调用,以及我如何确保只调用该适配器对应的安全测试吗?这两个安全测试都是单步骤验证。
<!-- Two custom security tests, each made of a single <test> step bound to one realm. -->
<securityTests>
<!-- Referenced by the getUsers procedure shown in the AdminAdapter fragment. -->
<customSecurityTest name="Admin-securityTest">
<test isInternalUserID="true" realm="AdminAuthRealm"/>
</customSecurityTest>
<!-- Referenced by the updateProject procedure shown in the PMAdapter fragment. -->
<customSecurityTest name="PM-securityTest">
<test isInternalUserID="true" realm="PMAuthRealm"/>
</customSecurityTest>
</securityTests>
<!--
  Both realms use the AdapterAuthenticator class and the same login module
  ("AuthLoginModule"); they differ only in which adapter functions are named
  as login-function / logout-function.
  NOTE(review): the onAuthRequired functions are not shown. If both return the
  same payload shape (only authRequired / errorMessage), the client-side
  challenge handlers cannot tell which realm issued a challenge - confirm that
  each payload carries a realm-specific marker.
-->
<realms>
<realm loginModule="AuthLoginModule" name="AdminAuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AdminAdapter.onAuthRequired"/>
<parameter name="logout-function" value="AdminAdapter.onLogout"/>
</realm>
<!--
  NOTE(review): this realm points at "ProjectAdapter", while the adapter
  fragment later in the listing is labelled "PMAdapter" - verify the adapter
  name matches the deployed adapter.
-->
<realm loginModule="AuthLoginModule" name="PMAuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="ProjectAdapter.onAuthRequired"/>
<parameter name="logout-function" value="ProjectAdapter.onLogout"/>
</realm>
</realms>
<!--
  Single login module shared by AdminAuthRealm and PMAuthRealm.
  NonValidatingLoginModule does not check credentials itself, so the only
  place the submitted values can be verified is the adapter's
  submitAuthentication procedure (not shown).
  NOTE(review): confirm that each submitAuthentication validates its input and
  the caller's role before establishing the user identity for its realm.
-->
<loginModules>
<loginModule name="AuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
AdminAdapter
<!--
  submitAuthentication declares no securityTest attribute here, so it is not
  guarded by Admin-securityTest; it is the procedure the client challenge
  handler invokes to answer the challenge.
  NOTE(review): its parameters come straight from the client - it must
  validate them server-side (adapter body not shown).
-->
<procedure name="submitAuthentication"/>
<!-- Protected: invoking getUsers triggers Admin-securityTest (AdminAuthRealm). -->
<procedure name="getUsers" securityTest="Admin-securityTest"/>
PMAdapter
<!--
  submitAuthentication declares no securityTest attribute here, so it is not
  guarded by PM-securityTest; it is the procedure the client challenge handler
  invokes to answer the challenge.
  NOTE(review): its parameters come straight from the client - it must
  validate them server-side (adapter body not shown).
-->
<procedure name="submitAuthentication"/>
<!-- Protected: invoking updateProject triggers PM-securityTest (PMAuthRealm). -->
<procedure name="updateProject" securityTest="PM-securityTest"/>
AdminRealmHandler
// Client-side challenge handler registered for the "AdminAuthRealm" realm.
var AdminAuthRealmChallengeHandler = WL.Client.createChallengeHandler("AdminAuthRealm");

/**
 * Decides whether a server response is a challenge this handler should take.
 *
 * NOTE(review): the only marker checked is `authRequired`. The PMAuthRealm
 * handler in this listing checks the same field, so a challenge from either
 * realm satisfies both predicates. A realm-specific field in the
 * onAuthRequired payload (adapter code not shown) is needed to tell the two
 * apart.
 *
 * @param {Object} response - Response object passed in by the framework.
 * @returns {boolean} true when the JSON body carries an `authRequired` field.
 */
AdminAuthRealmChallengeHandler.isCustomResponse = function(response) {
  console.log("ADMIN AUTH");
  // NOTE(review): this logs the whole response object; consider dropping it
  // outside of debugging.
  console.log(response);

  var hasJsonBody = response && response.responseJSON && response.responseText !== null;
  if (!hasJsonBody) {
    console.log("is costumresponse false 1 No json");
    return false;
  }

  var isChallenge = typeof response.responseJSON.authRequired !== 'undefined';
  console.log(isChallenge ? "is costumresponse true needs auth" : "is costumresponse false 2 else");
  return isChallenge;
};
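/**
 * Answers a challenge that isCustomResponse accepted for AdminAuthRealm.
 *
 * - authRequired === true with an error message: report failure.
 * - authRequired === true without one: call AdminAdapter.submitAuthentication.
 * - authRequired === false: report success.
 *
 * `userId`, `email` and `connectionsUid` are read from the enclosing scope;
 * they are not defined in this block.
 * NOTE(review): these are client-supplied identity values and the realm uses
 * NonValidatingLoginModule, so the adapter's submitAuthentication (not shown)
 * is the only place they can be verified - confirm it does not trust them
 * as-is.
 *
 * @param {Object} response - Response whose responseJSON holds the challenge.
 */
AdminAuthRealmChallengeHandler.handleChallenge = function(response) {
  var payload = response.responseJSON;
  var authRequired = payload.authRequired;

  if (authRequired === true) {
    // `!= null` treats a missing errorMessage like null. The previous
    // `!== null` check took the failure path whenever the field was absent,
    // so authentication was never submitted in that case.
    if (payload.errorMessage != null) {
      AdminAuthRealmChallengeHandler.submitFailure();
      return;
    }

    var invocationData = {
      adapter: "AdminAdapter",
      procedure: "submitAuthentication",
      parameters: [userId, email, connectionsUid]
    };
    AdminAuthRealmChallengeHandler.submitAdapterAuthentication(invocationData, {});
  } else if (authRequired === false) {
    AdminAuthRealmChallengeHandler.submitSuccess();
  }
};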
ProjectRealmHandler
// Client-side challenge handler registered for the "PMAuthRealm" realm.
var PMAdminAuthRealmChallengeHandler = WL.Client.createChallengeHandler("PMAuthRealm");

/**
 * Decides whether a server response is a challenge this handler should take.
 *
 * NOTE(review): the only marker checked is `authRequired`. The AdminAuthRealm
 * handler in this listing checks the same field, so a challenge from either
 * realm satisfies both predicates. A realm-specific field in the
 * onAuthRequired payload (adapter code not shown) is needed to tell the two
 * apart.
 *
 * @param {Object} response - Response object passed in by the framework.
 * @returns {boolean} true when the JSON body carries an `authRequired` field.
 */
PMAdminAuthRealmChallengeHandler.isCustomResponse = function(response) {
  // NOTE(review): this logs the whole response object; consider dropping it
  // outside of debugging.
  console.log(response);

  var hasJsonBody = response && response.responseJSON && response.responseText !== null;
  if (!hasJsonBody) {
    return false;
  }

  return typeof response.responseJSON.authRequired !== 'undefined';
};
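/**
 * Answers a challenge that isCustomResponse accepted for PMAuthRealm.
 *
 * - An error message in the payload: report failure and stop.
 * - authRequired === true: call ProjectAdapter.submitAuthentication.
 * - authRequired === false: report success.
 *
 * `userId`, `email` and `connectionsUid` are read from the enclosing scope;
 * they are not defined in this block.
 * NOTE(review): these are client-supplied identity values and the realm uses
 * NonValidatingLoginModule, so the adapter's submitAuthentication (not shown)
 * is the only place they can be verified - confirm it does not trust them
 * as-is.
 *
 * @param {Object} response - Response whose responseJSON holds the challenge.
 */
PMAdminAuthRealmChallengeHandler.handleChallenge = function(response) {
  var payload = response.responseJSON;
  var authRequired = payload.authRequired;
  console.log(response);

  // Return after reporting failure. The previous code fell through, so one
  // response could trigger submitFailure() twice, or submitFailure() followed
  // by submitSuccess() when authRequired was false.
  // `!= null` covers both null and a missing field.
  if (payload.errorMessage != null) {
    PMAdminAuthRealmChallengeHandler.submitFailure();
    return;
  }

  if (authRequired === true) {
    // No error message at this point. The previous inner `!== null` check
    // treated a missing errorMessage as a failure and never submitted.
    var invocationDataPM = {
      adapter: "ProjectAdapter",
      procedure: "submitAuthentication",
      parameters: [userId, email, connectionsUid]
    };
    PMAdminAuthRealmChallengeHandler.submitAdapterAuthentication(invocationDataPM, {});
  } else if (authRequired === false) {
    PMAdminAuthRealmChallengeHandler.submitSuccess();
  }
};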