如何清除 IBM Mobilefirst Platform Foundation 7.1 中的会话?
How to clear the session in IBM Mobilefirst Platform Foundation 7.1?
我们正在开发一个使用基于适配器的身份验证的应用程序。
我们观察到,在用户 1 注销后,用户 2 登录后,我们收到如下错误:"user already exist, please logout"。
要解决此问题,我们需要在用户 2 尝试登录时清除 MobileFirst Server 会话。
清除MobileFirst Server会话的方式有哪些
申请Config.xml
<staticResources>
<resource id="subscribeServlet" securityTest="SubscribeServlet">
<urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
</resource>
</staticResources>
<securityTests>
<mobileSecurityTest name="PushApplications">
<testUser realm="pushAppRealm"/>
<testDeviceId provisioningType="none"/>
</mobileSecurityTest>
<customSecurityTest name="SubscribeServlet">
<test realm="SubscribeServlet" isInternalUserID="true"/>
</customSecurityTest>
</securityTests>
<realms>
<realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
<realm name="SubscribeServlet" loginModule="rejectAll">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm>
<realm loginModule="PushAppLoginModule" name="pushAppRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="pushNotificationAdapter.onAuthRequired"/>
<parameter name="logout-function" value="pushNotificationAdapter.onLogout"/>
</realm>
</realms>
<loginModules>
<loginModule name="StrongDummy" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="requireLogin" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
</loginModule>
<loginModule name="rejectAll" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.RejectingLoginModule</className>
</loginModule>
<loginModule name="PushAppLoginModule" >
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
应用Descriptor.xml
<displayName>pushNotification</displayName>
<description>pushNotification</description>
<author>
<name>application's author</name>
<email>application author's e-mail</email>
<homepage>http://mycompany.com</homepage>
<copyright>Copyright My Company</copyright>
</author>
<mainFile>index.html</mainFile>
<features/>
<targetCategory>UNDEFINED</targetCategory>
<licenseAppType>APPLICATION</licenseAppType>
<thumbnailImage>common/images/thumbnail.png</thumbnailImage>
<userIdentityRealms>pushAppRealm</userIdentityRealms>
<accessTokenExpiration>3600</accessTokenExpiration>
<android version="1.0">
<worklightSettings include="false"/>
<pushSender key="AIzaSyAxazrxBZ1tDQWhuGRsQR3DLiPzfm-O-V8" senderId="1019918790021"/>
<security>
<encryptWebResources enabled="false"/>
<testWebResourcesChecksum enabled="false" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
<publicSigningKey/>
<packageName/>
</security>
</android>
当用户点击登录按钮时
function wlCommonInit() {
WL.Client.connect({
onSuccess : onConnectSuccess,
onFailure : onConnectFailure
});
function onConnectSuccess() {
alert(WL.Client.Push.isSubscribed("myPushh"))
}
function onConnectFailure() {
alert("connection failed")
}
}
$(document).on('click', '#btnSubmitLogin', function () {
var civilId=document.getElementById("txtMbrIdLogin").value;
if(WL.Client.isUserAuthenticated("pushAppRealm")==false){
if(WL.Client.getUserName("pushAppRealm")== null){
alert("user not authenticated");
if(WL.Client.Push.isSubscribed("myPushh")){
alert("user subscribed");
WL.Client.Push.unsubscribe("myPushh", {
onSuccess: function() {
alert("unsubscribe success");
callSubmitAuthentication(civilId,"from QLM");
},
onFailure: function() {
alert("unsubscribe fail")
callSubmitAuthentication(civilId,"from QLM");
}
});
}
else{
alert("user not subscribed");
callSubmitAuthentication(civilId,"from QLM");
}
}else{
WL.Client.logout('pushAppRealm', { onSuccess: function() {
alert("logout"); if(WL.Client.Push.isSubscribed("myPushh")){
alert("user subscribed");
WL.Client.Push.unsubscribe("myPushh", {
onSuccess: function() {
callSubmitAuthentication(civilId,"from QLM");
},
onFailure: function() {
alert("unsubscribe fail")
callSubmitAuthentication(civilId,"from QLM");
}
});
}else{
callSubmitAuthentication(civilId,"from QLM");
} }, onFailure:function() {
alert("Unable to logout");
} });
// callSubmitAuthentication(civilId,"from QLM");
}
}
else if(WL.Client.isUserAuthenticated("pushAppRealm")==true){
if(WL.Client.Push.isSubscribed("myPushh")){
WL.Client.Push.unsubscribe("myPushh", {
onSuccess: function() {
WL.Client.logout('pushAppRealm', { onSuccess: function() {
alert("logout"); callSubmitAuthentication();
}, onFailure:function() {
alert("Unable to logout");
}});
callSubmitAuthentication(civilId,"from QLM");
},
onFailure: function() {
callSubmitAuthentication(civilId,"from QLM");
}
});
}else{
callSubmitAuthentication(civilId,"from QLM");
}
}
});
我无法回答您的具体情况,但我可以说您提供的代码示例毫无意义,不应期望它能正常工作。
例如:
pushAppRealmChallengeHandler.handleChallenge = function(response) {
if (!response || !response.responseJSON || response.responseText === null) {
return false;
}
if (typeof(response.responseJSON.authRequired) !== 'undefined'){
if(response.responseJSON.authRequired == false){
pushAppRealmChallengeHandler.submitSuccess();
}
}else{
return false;
}
}
如果框架调用 handleChallenge,您需要回答挑战。无论是通过将凭据发送回服务器,submitFailure 还是 submitSuccess。返回 true 或 false 不是一个选项。此方法没有 return 值,它应该 收集凭据并将它们发送到服务器 。
你也有一句空话:pushAppRealmChallengeHandler.submitAdapterAuthentication(invocationData,{});.
每次加载文件时它都会向服务器发送无效凭据。
我会在这里停下来,但到目前为止,此示例中没有任何内容有意义或预计会起作用。
慢慢来。请回到基础知识,研究最简单的示例,阅读 所有 教程。在每个小步骤后测试您的流量。如果您对特定问题有疑问,我们随时为您提供帮助。
此外,我还可以推荐试用 MobileFirst Platform v8.0
我们正在开发一个使用基于适配器的身份验证的应用程序。
我们观察到,在用户 1 注销后,用户 2 登录后,我们收到如下错误:"user already exist, please logout"。
要解决此问题,我们需要在用户 2 尝试登录时清除 MobileFirst Server 会话。
清除MobileFirst Server会话的方式有哪些
申请Config.xml
<staticResources>
<resource id="subscribeServlet" securityTest="SubscribeServlet">
<urlPatterns>/subscribeSMS*;/receiveSMS*;/ussd*</urlPatterns>
</resource>
</staticResources>
<securityTests>
<mobileSecurityTest name="PushApplications">
<testUser realm="pushAppRealm"/>
<testDeviceId provisioningType="none"/>
</mobileSecurityTest>
<customSecurityTest name="SubscribeServlet">
<test realm="SubscribeServlet" isInternalUserID="true"/>
</customSecurityTest>
</securityTests>
<realms>
<realm name="SampleAppRealm" loginModule="StrongDummy">
<className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
</realm>
<realm name="SubscribeServlet" loginModule="rejectAll">
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className>
</realm>
<realm loginModule="PushAppLoginModule" name="pushAppRealm">
<className>com.worklight.integration.auth.AdapterAuthenticator</className>
<parameter name="login-function" value="pushNotificationAdapter.onAuthRequired"/>
<parameter name="logout-function" value="pushNotificationAdapter.onLogout"/>
</realm>
</realms>
<loginModules>
<loginModule name="StrongDummy" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
<loginModule name="requireLogin" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
</loginModule>
<loginModule name="rejectAll" expirationInSeconds="3600">
<className>com.worklight.core.auth.ext.RejectingLoginModule</className>
</loginModule>
<loginModule name="PushAppLoginModule" >
<className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
</loginModule>
</loginModules>
应用Descriptor.xml
<displayName>pushNotification</displayName>
<description>pushNotification</description>
<author>
<name>application's author</name>
<email>application author's e-mail</email>
<homepage>http://mycompany.com</homepage>
<copyright>Copyright My Company</copyright>
</author>
<mainFile>index.html</mainFile>
<features/>
<targetCategory>UNDEFINED</targetCategory>
<licenseAppType>APPLICATION</licenseAppType>
<thumbnailImage>common/images/thumbnail.png</thumbnailImage>
<userIdentityRealms>pushAppRealm</userIdentityRealms>
<accessTokenExpiration>3600</accessTokenExpiration>
<android version="1.0">
<worklightSettings include="false"/>
<pushSender key="AIzaSyAxazrxBZ1tDQWhuGRsQR3DLiPzfm-O-V8" senderId="1019918790021"/>
<security>
<encryptWebResources enabled="false"/>
<testWebResourcesChecksum enabled="false" ignoreFileExtensions="png, jpg, jpeg, gif, mp4, mp3"/>
<publicSigningKey/>
<packageName/>
</security>
</android>
当用户点击登录按钮时
function wlCommonInit() {
WL.Client.connect({
onSuccess : onConnectSuccess,
onFailure : onConnectFailure
});
function onConnectSuccess() {
alert(WL.Client.Push.isSubscribed("myPushh"))
}
function onConnectFailure() {
alert("connection failed")
}
}
$(document).on('click', '#btnSubmitLogin', function () {
var civilId=document.getElementById("txtMbrIdLogin").value;
if(WL.Client.isUserAuthenticated("pushAppRealm")==false){
if(WL.Client.getUserName("pushAppRealm")== null){
alert("user not authenticated");
if(WL.Client.Push.isSubscribed("myPushh")){
alert("user subscribed");
WL.Client.Push.unsubscribe("myPushh", {
onSuccess: function() {
alert("unsubscribe success");
callSubmitAuthentication(civilId,"from QLM");
},
onFailure: function() {
alert("unsubscribe fail")
callSubmitAuthentication(civilId,"from QLM");
}
});
}
else{
alert("user not subscribed");
callSubmitAuthentication(civilId,"from QLM");
}
}else{
WL.Client.logout('pushAppRealm', { onSuccess: function() {
alert("logout"); if(WL.Client.Push.isSubscribed("myPushh")){
alert("user subscribed");
WL.Client.Push.unsubscribe("myPushh", {
onSuccess: function() {
callSubmitAuthentication(civilId,"from QLM");
},
onFailure: function() {
alert("unsubscribe fail")
callSubmitAuthentication(civilId,"from QLM");
}
});
}else{
callSubmitAuthentication(civilId,"from QLM");
} }, onFailure:function() {
alert("Unable to logout");
} });
// callSubmitAuthentication(civilId,"from QLM");
}
}
else if(WL.Client.isUserAuthenticated("pushAppRealm")==true){
if(WL.Client.Push.isSubscribed("myPushh")){
WL.Client.Push.unsubscribe("myPushh", {
onSuccess: function() {
WL.Client.logout('pushAppRealm', { onSuccess: function() {
alert("logout"); callSubmitAuthentication();
}, onFailure:function() {
alert("Unable to logout");
}});
callSubmitAuthentication(civilId,"from QLM");
},
onFailure: function() {
callSubmitAuthentication(civilId,"from QLM");
}
});
}else{
callSubmitAuthentication(civilId,"from QLM");
}
}
});
我无法回答您的具体情况,但我可以说您提供的代码示例毫无意义,不应期望它能正常工作。
例如:
pushAppRealmChallengeHandler.handleChallenge = function(response) {
if (!response || !response.responseJSON || response.responseText === null) {
return false;
}
if (typeof(response.responseJSON.authRequired) !== 'undefined'){
if(response.responseJSON.authRequired == false){
pushAppRealmChallengeHandler.submitSuccess();
}
}else{
return false;
}
}
如果框架调用 handleChallenge,您需要回答挑战。无论是通过将凭据发送回服务器,submitFailure 还是 submitSuccess。返回 true 或 false 不是一个选项。此方法没有 return 值,它应该 收集凭据并将它们发送到服务器 。
你也有一句空话:pushAppRealmChallengeHandler.submitAdapterAuthentication(invocationData,{});.
每次加载文件时它都会向服务器发送无效凭据。
我会在这里停下来,但到目前为止,此示例中没有任何内容有意义或预计会起作用。
慢慢来。请回到基础知识,研究最简单的示例,阅读 所有 教程。在每个小步骤后测试您的流量。如果您对特定问题有疑问,我们随时为您提供帮助。
此外,我还可以推荐试用 MobileFirst Platform v8.0