CODEWITHSUNDEEP
androidauthenticationibm-mobilefirstbasic-authenticationworklight-security
user3710788
user3710788

Reputation: 1

Worklight authentication error 401 after successfully IMC authentication

I used this code to pass the IMC server and authenticate my WL 6.2 server ( WL server does not require any authentication ).

PADMAppRealmChallengeHandler.loginToImc = function (userid, password) {

PADMAppRealmChallengeHandler.writeMessage("Authenticating with w3 IMC server ...");
PADMAppRealmChallengeHandler.writeMessage("Called loginToImc ...");

if (byPassIMC)
{

}
else
{
    base64uid = window.btoa(userid + ":" + password);

    // var WgSessionKey = WLJQ.cookie("WgSessionKey");
    alert("Cookies are: " + document.cookie );
    // alert("WgSessionKey=" + WgSessionKey);
    WLJQ.ajax({
        url: IMCURL,
        method: "get",
        async: false,
        cache : false, 
        crossDomain  : true ,
        headers : {
            "Authorization": "Basic " + base64uid 
            //,  "Cookie" : "WgSessionKey=XXXXX"
        },
        dataType: "text",
        error: function(jqXHR, status, error) {
            console.log("status =" + status + " error=" + error);
            console.log(jqXHR);
            console.log("AllResponseHeaders");
            console.log("================================");
            console.log( jqXHR.getAllResponseHeaders() );
            PADMAppRealmChallengeHandler.writeError("Failed to authenticate. Please try again later");
            console.log("============== error responseText ==================");
            console.log( jqXHR.responseText);
            console.log("================================");

            PADMAppRealmChallengeHandler.setBusy(false);
        },
        timeout: 12000,
        success : function(data, textStatus, jqXHR) {
            console.log("================================");
            PADMAppRealmChallengeHandler.writeMessage("IMC SUCC ");
            console.log("================================");

            console.log(jqXHR);
            console.log("AllResponseHeaders");
            console.log("================================");
            console.log( jqXHR.getAllResponseHeaders() );
            console.log(data);
            console.log("================================");


            var SetCookies = jqXHR.getResponseHeader('Set-Cookie');
            // alert("SetCookies=" + SetCookies );


            console.log("============== success responseText ==================");
            console.log( jqXHR.responseText);
            console.log("================================");

            // if (data == "Success!!") 
            if (data) 
            {
                var options = 
                {
                        onSuccess: function(e)
                        {
                            PADMAppRealmChallengeHandler.writeMessage("Workligth Connect + IMC SUCC ");
                            PADMAppRealmChallengeHandler.writeMessage(JSON.stringify(e));
                            PADMAppRealmChallengeHandler.setBusy(false);
                            return;
                        },
                        onFailure: function(e)
                        {

                            PADMAppRealmChallengeHandler.writeError("Failed to authenticate with Worklight. Please try again later");
                            PADMAppRealmChallengeHandler.setBusy(false);
                            alert("Error with Workligth server " + JSON.stringify(e));
                        }
                };

                console.log("Run WL.Client.connect(options); ");
                WL.Client.connect(options);
            } else {
                PADMAppRealmChallengeHandler.writeError("The user ID or password entered is incorrect");
                alert("Failed to login on IMC server, verify your user and/or password please !!");
                PADMAppRealmChallengeHandler.setBusy(false);
            }
        }
    });

}

};

after the a good ajax get request, the WL.client.connect() request is reject by IMC , error 401 .. unauthenticate.

The issue happens on

WL Studio | Android | iOS

v6.3 | Error 401 | not tested

v6.2 | Error 410 | WORKS !

v6.1 | WOKRS | not tested

v5.X | WORKS | not tested

It seems the issue is due the fact the Set-Cookie WgSessionKey is not capture by the WL framework. It happens only on Android. It seems a bug introduced on WL 6.2 on Android

Upvotes: 0

Views: 300

Answers (1)

Idan Adar
Idan Adar

Reputation: 44516

In Worklight 6.2 there is no publically supported way of accessing the Android cookie store. This is a known limitation of the platform.

An alternative, undocumented, unsupported, method was provided to the user in order to over the problem:
var req=new WLJSX.Ajax.WLRequest( ... instead of WLJQ.ajax({ ...

The plan is to add proper Android cookie store support via public API in a future release. It will then be possible to inject anything needed...

Upvotes: 0

Related Questions