worklight-security

I get the following error when I log in the second time in my login screen. [ERROR ] FWLSE0099E: An error occurred while invoking procedure [project Klappr]KlapprAuthAdapter/submitAuthenticationFWLSE0100E: parameters: [project Klappr]{ "arr": [ "dGVzdDp0ZXN0" ] } Cannot change identity of an already logged in user in realm 'KlapprAuthRealm'. The application must logout first. FWLSE0101E: Caused by: [project Klappr]null com.worklight.common.log.filters.ErrorFilter In submitauthentication (in the adapter) I check if the username and password are correct and if they are correct I set the

I'm working on a demo in Worklight version 6.0 where I need to use SSL from iOS and Android to the Worklight Server. Is there any way to use a self-signed or test certificate in the Worklight server? Or do I need to buy a certificate from one of the standard CAs even for test/demo? I've seen references to how to import my certificate in the Android system trust store, and that looks promising, but I'm not seeing anything equivalent for iOS. There are a number of native code workarounds (which net out to disabling SSL certificate verification altogether) along with much discussion about which

I am writing a worklight application and it will be connecting to a variety of backend services which will be decided by the consumer after installation. I would like to use adapters to connect the client to the backend services - but want to avoid editting and updating the adapter for each connecting user. Essentially each customer has a running server I want to connect to - however it will be running on a different port and domain for each customer. I want them to be able to pass those to the adapter to allow a common call to be issued to the customer's backend server. Is there a way that I

Worklight 5.0.6.1 We are having a specific requirement from our client about using a PCI Appliance from Intel ( http://info.intel.com/rs/intel/images/Intel_Expressway_Tokenization_Broker.pdf ) to avoid a PCI Audit for the application and server. Therefore, the Adapter calls that have something to do with payment data would need to go through this hardware appliance before hitting the worklight server. All other adapter calls should go to the worklight server directly (to not overload the appliance). The idea is to have two different URLs but the same worklight server in the background. It is

I am developing a mobile app using WorkLight 5.0.6 and I would like to attach a secure cookie to the response returned by an adapter. We are not using a WorkLight Authentication realm because we do not wish to "bind" the session to a specific WL server in a clustered production environment. We authenticate the session by calling a sign-on adapter which authenticates the user details against a back end system. As part of the response from the sign-on adapter call I would like to create a secure cookie (http only) containing the authenticated information and attach it to the response returned