问题
Is there any way to disable app authenticity on remote mobile first server? In worklight 6.2 we can manually disable app authenticity on console but cannot find the same settings in mobilefirst 7.1.
As a workaround: We are using custom security test in authenticationConfig.xml and haven't used app authenticity test realm in it. The surprise in the workaround is that it still shows basic app authenticity enabled on the mobile first console. Any pointers for the workaround dilemma as well?
Appreciate any inputs!
Code:
<customSecurityTest name="LoginAdapter-securityTest">
<test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" step="1"/>
<test realm="SingleSignonRealm" isInternalUserID="true" step="2"/>
</customSecurityTest>
回答1:
I have the same issue when i deploy a wlapp of a previous version of worklight (6.1) on MobileFirst Server 7.1.
A workaround is to remove the <security />entry in application-descriptor.xml
Example for a iphone app.
Initially the application-descriptor.xml was the following :
<iphone bundleId="com.WorklightStarterjQueryMobile" version="1.0">
<worklightSettings include="true"/>
<security />
</iphone>
And App Authenticity Configuration was "Basics"
Now i use this one (removed security entry):
<iphone bundleId="com.WorklightStarterjQueryMobile" version="1.0">
<worklightSettings include="true"/>
</iphone>
And App Authenticity Configuration is now "none"
回答2:
Starting MobileFirst Platform Foundation 7.0 there is now basic authenticity and extended authenticity modes. There is no more disabled/serving/serving-blocking options via a dropdown in the MobileFirst Console.
The way to disable Application Authenticity Protection is to remove its realm from the security test in the authenticationConfig.xml file and then re-deploy the .war file, otherwise the changes will not be in effect.
来源:https://stackoverflow.com/questions/32591267/how-to-disable-app-authenticity-on-ibm-mobilefirst-7-1-remote-server