A fix is available
APAR status
Closed as program error.
Error description
When device tracking is enabled (by setting the wl.device.tracking.enabled JNDI property to true), and a <test> tag in authenticationDescriptor.xml is marked with isInternalUserID="true" attribute, but that <test> tag is not last in the list of <test> tags, and the client application is using legacy MobileFirst network API (not WLResourceRequest) the supplied user id credential will not be collected into the database and will therefore not be shown in the table on the devices tab in the operations console. Also, when device tracking is enabled (by setting the wl.device.tracking.enabled JNDI property to true), and the application is using oauth-based authentication, meaning the client is using WLResourceRequest API call, the user id is never collected no matter the configuration.
Local fix
When legacy MFP network API calls are in use (such as WLClient.invokeProcedure), place the <test> tag marked with isInternalUserID="true" last in the list of <test> tags. There is no workaround to enable user ID collection when using the WLResourceRequest API.
Problem summary
**************************************************************** * USERS AFFECTED: * * Visitors to the Devices tab on the MobileFirst Operations * * console may not see a user ID in the User ID column, even * * though device tracking feature is enabled and a <test> tag * * in authenticationConfig.xml has isInternalUserID="true" * * attribute. * **************************************************************** * PROBLEM DESCRIPTION: * * When device tracking is enabled (by setting the * * wl.device.tracking.enabled JNDI property to true), and a * * <test> * * tag in authenticationDescriptor.xml is marked with * * isInternalUserID="true" attribute, but that <test> tag is * * not * * last in the list of <test> tags, and the client application * * is * * using legacy MobileFirst network API (not WLResourceRequest) * * the * * supplied user id credential will not be collected into the * * database and will therefore not be shown in the table on the * * devices tab in the operations console. * * * * Also, when device tracking is enabled (by setting the * * wl.device.tracking.enabled JNDI property to true), and the * * application is using oauth-based authentication, meaning the * * client is using WLResourceRequest API call, the user id is * * never * * collected no matter the configuration. * **************************************************************** * RECOMMENDATION: * * - * ****************************************************************
Problem conclusion
After applying the ifix, the following steps must be taken to enable collection of the user ID (assuming device tracking is already enabled): If using legacy security, such as WLClient.* API: Be sure that the <test> tag with the isInternalUserID="true" attribute from which you wish to collect the user ID is listed last in the list of <test> tags in authenticationConfig.xml. If using oauth-based security, such as WLResourceRequest API: Be sure to list the realm from the last <test> tag with isInternalUserID="true" first in the list of realms in the <userIdentityRealms> in the application-descriptor.xml file.
Temporary fix
Comments
APAR Information
APAR number
PI41157
Reported component name
WL/MFPF CONSUME
Reported component ID
5725I4301
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-05-14
Closed date
2015-06-01
Last modified date
2015-06-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WL/MFPF CONSUME
Fixed component ID
5725I4301
Applicable component levels
R700 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSZH4A","label":"IBM Worklight"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"700","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
14 October 2021