在 authenticationConfig.xml 中找不到 IBM Mobile First 平台 v7.1 定制安全测试

Posted

技术标签:

【中文标题】在 authenticationConfig.xml 中找不到 IBM Mobile First 平台 v7.1 定制安全测试【英文标题】:IBM Mobile First platform v7.1 custom security test is not found in authenticationConfig.xml 【发布时间】:2017-04-21 08:38:38 【问题描述】:

我一直在尝试遵循此网站上的教程: Tutorials

我在尝试为适配器过程设置基于简单表单的身份验证时遇到了麻烦。 当我尝试推动我的适配器时:

MacBook-Pro-Savid:AuthAdapter bruser$ mfp push
Preparing for push...
Verifying Server Configuration...
Runtime 'HelloWorldPrject' will be used to push the project into.
Pushing to Server...
Deploying 
/Users/bruser/javad_test_folder/HelloWorldPrject/bin/AuthAdapter.adapter... 
Error: Failed to deploy 
/Users/bruser/javad_test_folder/HelloWorldPrject/bin/AuthAdapter.adapter. 
Reason: failed to push adapter: Required security test 'AuthSecurity' for 
resource proc:AuthAdapter.getSecretData' wasn't found in 
authenticationConfig.xml: HTTP 200 - OK.
adapter found here: 
/Users/bruser/javad_test_folder/HelloWorldPrject/bin/AuthAdapter.adapter has 
been build but deployment failed.
Error: Push has failed here

我的/server/conf/authenticationConfig.xml

    <!-- Licensed Materials - Property of IBM
         5725-I43 (C) Copyright IBM Corp. 2006, 2013. All Rights Reserved.
         US Government Users Restricted Rights - Use, duplication or
         disclosure restricted by GSA ADP Schedule Contract with IBM Corp. -->

 <staticResources>
 <!--
        <resource id="logUploadServlet" securityTest="LogUploadServlet">
        <urlPatterns>/apps/services/loguploader*</urlPatterns>
    </resource>
    -->
    <resource id="subscribeServlet" securityTest="SubscribeServlet">
        <urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
    </resource>

</staticResources>

 <securityTests>

     <customSecurityTest name="AuthSecurity">
         <test realm="SampleAppRealm" isInternalUserID="true"/>
     </customSecurityTest>
    <!--
    <mobileSecurityTest name="mobileTests">
        <testAppAuthenticity/>
        <testDeviceId provisioningType="none" />
        <testUser realm="myMobileLoginForm" />
        <testDirectUpdate mode="perSession" />
    </mobileSecurityTest>

    <webSecurityTest name="webTests">
        <testUser realm="myWebLoginForm"/>
    </webSecurityTest>

    <customSecurityTest name="customTests">
        <test realm="wl_antiXSRFRealm" step="1"/>
        <test realm="wl_authenticityRealm" step="1"/>
        <test realm="wl_remoteDisableRealm" step="1"/>
        <test realm="wl_directUpdateRealm" mode="perSession" step="1"/>
        <test realm="wl_anonymousUserRealm" isInternalUserID="true" step="1"/>
        <test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" step="2"/>
    </customSecurityTest>

    <customSecurityTest name="LogUploadServlet">
        <test realm="wl_anonymousUserRealm" step="1"/>
        <test realm="LogUploadServlet" isInternalUserID="true"/>
    </customSecurityTest>
    -->
</securityTests>

<realms>
    <realm name="SampleAppRealm" loginModule="StrongDummy">
        <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
    </realm>

    <realm name="SubscribeServlet" loginModule="rejectAll">
        <className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
    </realm>

    <!-- For client logger -->
    <!-- <realm name="LogUploadServlet" loginModule="StrongDummy">
        <className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
    </realm -->

    <!-- For websphere -->
    <!-- realm name="WASLTPARealm" loginModule="WASLTPAModule">
        <className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className>
        <parameter name="login-page" value="/login.html"/>
        <parameter name="error-page" value="/loginError.html"/>
    </realm -->

    <!-- For User Certificate Authentication -->
    <!-- realm name="wl_userCertificateAuthRealm" loginModule="WLUserCertificateLoginModule">
        <className>com.worklight.core.auth.ext.UserCertificateAuthenticator</className>
        <parameter name="dependent-user-auth-realm" value="WASLTPARealm" />
        <parameter name="pki-bridge-class" value="com.worklight.core.auth.ext.UserCertificateEmbeddedPKI" />
        <parameter name="embedded-pki-bridge-ca-p12-file-path" value="/opt/ssl_ca/ca.p12"/>
        <parameter name="embedded-pki-bridge-ca-p12-password" value="capassword" />
    </realm -->

    <!-- For Trusteer Fraud Detection -->
    <!-- Requires acquiring Trusteer SDK -->
    <!-- realm name="wl_basicTrusteerFraudDetectionRealm" loginModule="trusteerFraudDetectionLogin">
        <className>com.worklight.core.auth.ext.TrusteerAuthenticator</className>
        <parameter name="rooted-device" value="block"/>
        <parameter name="device-with-malware" value="block"/>
        <parameter name="rooted-hiders" value="block"/>
        <parameter name="unsecured-wifi" value="alert"/>
        <parameter name="outdated-configuration" value="alert"/>
    </realm -->

    <!-- For enabling custom authentication -->
    <!-- The className shouldn't be changed, it is part of the framework  -->
    <!--  <realm name="customAuthRealm" loginModule="customAuthLoginModule">
        <className>com.worklight.core.auth.ext.CustomIdentityAuthenticator</className>
        <parameter name="providerUrl" value="http://localhost:3000"/>
    </realm> -->

</realms>

<loginModules>
    <loginModule name="StrongDummy" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule>

    <loginModule name="requireLogin" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
    </loginModule>

    <loginModule name="rejectAll" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.RejectingLoginModule</className>
    </loginModule>

    <!-- Required for Trusteer - wl_basicTrusteerFraudDetectionRealm -->
    <!-- loginModule name="trusteerFraudDetectionLogin" expirationInSeconds="300">
        <className>com.worklight.core.auth.ext.TrusteerLoginModule</className>
    </loginModule-->

    <!-- For websphere -->
    <!-- loginModule name="WASLTPAModule" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.WebSphereLoginModule</className>
    </loginModule -->

    <!-- Login module for User Certificate Authentication -->
    <!-- <loginModule name="WLUserCertificateLoginModule" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.UserCertificateLoginModule</className>
    </loginModule> -->


    <!-- For enabling SSO with no-provisioning device authentication -->
    <!-- <loginModule name="MySSO" ssoDeviceLoginModule="WLDeviceNoProvisioningLoginModule" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule> -->


    <!-- For enabling SSO with auto-provisioning device authentication -->
    <!-- <loginModule name="MySSO" ssoDeviceLoginModule="WLDeviceAutoProvisioningLoginModule" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule> -->

    <!-- For enabling custom authentication -->
    <!-- The className shouldn't be changed, it is part of the framework  -->
    <!-- <loginModule name="customAuthLoginModule" expirationInSeconds="3600">
        <className>com.worklight.core.auth.ext.CustomIdentityLoginModule</className>
    </loginModule> -->
</loginModules>

<!--staticResources>
    <resource id="mobileFirstConsole" securityTest="SubscribeServlet">
        <urlPatterns>/console*</urlPatterns>
    </resource>
</staticResources-->

【问题讨论】:

使用“webTests”而不是“AuthSecurity”保护您的 authAdapter,然后重试。 【参考方案1】:

根据这个错误

原因:无法推送适配器:需要安全测试“AuthSecurity” 资源 proc:AuthAdapter.getSecretData' 未找到 authenticationConfig.xml:

它正在寻找在 authenticationConfig.xml 中找不到的“AuthSecurity”测试,该测试是部署在服务器上的运行时 WAR 的一部分。

procedure name="getSecretData" securityTest="AuthSecurityTest"

这意味着您需要从服务器中提取 WAR 并仔细检查它是否确实存在于 authenticationConfig.xml 中,根据异常看起来它不存在

https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/authentication-security/form-based-authentication/

【讨论】:

以上是关于在 authenticationConfig.xml 中找不到 IBM Mobile First 平台 v7.1 定制安全测试的主要内容,如果未能解决你的问题,请参考以下文章

秋的潇洒在啥?在啥在啥?

上传的数据在云端的怎么查看,保存在啥位置?

在 React 应用程序中在哪里转换数据 - 在 Express 中还是在前端使用 React?

存储在 plist 中的数据在模拟器中有效,但在设备中无效

如何在保存在 Mongoose (ExpressJS) 之前在模型中格式化数据

如何在保存在 Mongoose (ExpressJS) 之前在模型中格式化数据