Reputation: 1719
Worklight LDAP Authentication logout from LDAPRealm
I am trying to make an LDAP authentication system using IBM Worklight Studio 6.2.0.01
The login system works fine, no problem with that part, but the logout function doesn't actually log out the user!
Realm:
<realm loginModule="LDAPLoginModule" name="LDAPRealm">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
LoginModule:
<loginModule name="LDAPLoginModule">
<className>com.worklight.core.auth.ext.LdapLoginModule</className>
<parameter name="ldapProviderUrl" value="<Correct LDAP URL ( For security left blank on stackoverflow )>"/>
<parameter name="ldapTimeoutMs" value="2000"/>
<parameter name="ldapSecurityAuthentication" value="simple"/>
<parameter name="validationType" value="exists"/>
<parameter name="ldapSecurityPrincipalPattern" value="{username}"/>
</loginModule>
SecurityTest:
<customSecurityTest name="LDAPSecurityTest">
<test realm="wl_directUpdateRealm" step="1"/>
<test isInternalUserID="true" realm="LDAPRealm"/>
</customSecurityTest>
AdapterXML (important part)
<procedure name="getUsername" securityTest="LDAPSecurityTest" />
<procedure name="onLogout" />
AdapterJS
function getUsername(){
return {username: ""};
}
function onLogout(){
WL.Server.setActiveUser("LDAPRealm", null);
}
The getUsername function gets called everytime the app wants to check if a user is currently logged in, it has NO function other than that.
The logout function (App-side)
$scope.setUsername = function(){
var invocationData = { adapter: "DummyAdapter", procedure: "getUsername"}
WL.Client.invokeProcedure(invocationData, {
onSuccess: function(result){},
onFailure: function(result){);
}
$scope.logout = function(){
WL.Client.logout("LDAPRealm", {onSuccess: $scope.setUsername});
}
Result: This makes the app go to the login page by noticing the user has logged out, only problem is.. it hasn't completely logged out the user. What can I do to make the user completely logged out?
PS: Why don't I use WL.Client.reloadApp after WL.Client.logout()? Two reasons:
- White screen and reloading the whole app is just dirty, it's not user friendly at all.
- WL.Client.reloadApp gives a fatal signal 11 ( code 1 ) on Android Lollipop ( Android 5.0 ). At least, this is with my worklight version (6.2.0.01).
Please, is there a way I can avoid WL.Client.reloadApp and still log out the user from the server? If not: What may cause the fatal signal 11 ( code 1 ) error in Android Lollipop? I've tested it thoroughly on iOS 8.0, Android 2.3.5, Android 4.4.2 and Android 5.0. Only one that fails is the 5.0
Thank you and sorry for the long post
Upvotes: 1
Views: 531
Answers (1)
Reputation: 1719
I have fixed the problem by removing the WL.Client.reloadApp function from logout onsuccess, I did this as such:
$scope.logout = function(){
WL.Client.logout("LDAPRealm", {onSuccess: function(){
$scope.setUsername() // <-- this function is the secret function
// that triggers the securitytest
// which then gives back the login page because
// you had just logged out :)
}});
}
As for the adapter not logging out the user: This comment was false, this bug was originating from another problem. So my code which was posted on StackOverflow was fine. But still:
Android 5.0 and WL.Client.reloadApp don't go to well (5th November 2014 in case an update fixes this)
Upvotes: 1
Related Questions
- Worklight adapter end session
- Worklight Console protection using LDAP
- Login Authentication In IBM Worklight
- Worklight logout does not clear active user
- Worklight LDAP authentication using ApacheDS
- login authentication in worklight
- Issues with Worklight authentication
- Best worklight practices to logout and to remember a session
- IBM Worklight -Getting error in LDAPLoginModule
- Unable to authenticate using LDAP authentication in IBM Worklight