add dummy authentication to IBM worklight to create new sessions

[亡魂溺海] 提交于 2020-01-05 04:30:30

问题


Have a multipage form that allows users to register a card through our worklight mobilewebapp.

There is no authentication for this as it is just a web based form that uses adapters to get the information back to the servers and continue through the process. Apparently this is bad and the clients are sharing the same session if they start the process at the same time. Basically, if two or more devices begin the enrollment process at the same time, the last one that started will cross-polinate that data to the other client and will get the data and information from the previous client.

I have been told to add connectAs="endUser" to each procedure call but this requires authentication which we are not using. Does anyone have a simple procedure that can be added at the start of the session to ensure each session is unique and this problem will not happen?


回答1:


create a security test with one single user auth realm - wl_anonymousUserRealm, e.g.

<customSecurityTest name="forAdapterProcedures">
     <test realm="wl_anonymousUserRealm" isInternalUserId="true"/>
</customSecurityTest>

Use this security test to protect your adapter procedure and define them as connectAs="endUser"



来源:https://stackoverflow.com/questions/18639017/add-dummy-authentication-to-ibm-worklight-to-create-new-sessions

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!