Reputation: 227
Trying to do App Authenticity and during client.connect() getting "App authenticity security check failed"
Hi I am trying to connect to production server and do App authenticity (native android app). But I Am getting following error "App authenticity security check failed".
What I am doing at MFP project level.
In authconfig xml.
<customSecurityTest name="AuthSecurityTest">
<test realm="wl_antiXSRFRealm" step="1" />
<test realm="wl_authenticityRealm" step="1" />
<test realm="wl_remoteDisableRealm" step="1" />
<test isInternalUserID="true" realm="AuthRealm" step="1" />
<test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true"
step="2" />
</customSecurityTest>
<realm loginModule="AuthLoginModule" name="AuthRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="AuthAdapter.onAuthRequired" />
<parameter name="logout-function" value="AuthAdapter.onLogout" />
</realm>
<loginModule name="AuthLoginModule">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
My application descriptor :
<nativeAndroidApp xmlns="http://www.worklight.com/native-android-descriptor"
id="MFP_Android"
platformVersion="7.1.0.00.20160401-2103" securityTest="AuthSecurityTest" version="1.0">
<displayName>MFP_Android</displayName>
<description>MFP_Android</description>
<accessTokenExpiration>3600</accessTokenExpiration>
<publicSigningKey>MIIBHSAKJHDFKJHFKHDFKJHDKJHDFSKJHFDSKJHFDSKJDFHKJDFHDFHJDSKDFSHKDJFSHKJFDHSKJDFSHKJDFSHKJDFSHKJDFHSKJDFHlkasalJAscnmxzcncxmnzksjdadskjdsjsdjskjdksjdakjdssdjksdaj</publicSigningKey>
<packageName>com.mfp</packageName>
<targetCategory>UNDEFINED</targetCategory>
<licenseAppType>APPLICATION</licenseAppType>
</nativeAndroidApp>
I am calling the challenge hander on connect.
AndroidChallengeHandler challengeHandler = new AndroidChallengeHandler("AuthRealm");
WLClient client;
client.registerChallengeHandler(challengeHandler);
client.connect();
I am getting response as
/*-secure- {"reason":"App authenticity security check failed"}*/
y would I get such response.
Upvotes: 0
Views: 314
Answers (1)
Reputation: 44516
- I find it very strange that your package name is really "com.mfp" as seen in the descriptor XML file:
<packageName>com.mfp</packageName>.
Are you absolutely sure this is your package name (that you can find in the AndroidManifest.xml file of your Android native project)?
Another possibility is that the key used to in the descriptor XML file does not match the key that was used to sign the .apk with.
Lastly, this could be due to the steps that you've defined in the Authentication Configuration XML file. Try changing the "wl_remoteDisableRealm" to be "step 2". This change will require you to re-deploy the updated .war file to your application server.
Upvotes: 1
Related Questions
- MobileFirst - Invalid Security Check push.mobileclient
- Invalid Security Check RegisteredClient when connect to MFP 8.0
- Try to get auth token from MobileFirst8.0 to web application
- IBM MobileFirst: Application Authenticity rejection despite the application's authentic identity?
- "Re-enabling" App Authenticity in Mobilefirst 8.0 not working
- APPLICATION_DOES_NOT_EXIST for MobileFirst 8.0 Security Authentication?
- App authenticity is giving a different error
- XML Validation Error Mobilefirst App Authenticity
- IBM MobileFirst - Application Authenticity Public Key extraction
- How to disable app authenticity on IBM MobileFirst 7.1 remote server?