I am using Worklight 5.0.3 version.
In my application I have few pages public and few restricted (displayed only after user is authenticated).
For authentication I have configured '<common securityTest="mySecurityTest"/>' tag in application-descriptor.xml. With this my login functionality is working fine.
However, after configuring authentication mechanism all the resources (pages and adapters) are being classified as restricted and I am unable to provide exceptions for pages and adapters I wish to make public.
Can anyone please let me know how can I avoid authentication for resources I wish to make public?
This topic has been locked.
Pinned topic How to skip authentication for public pages and adapters?
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Re: How to skip authentication for public pages and adapters?2012-11-05T18:30:54ZThis is the accepted answer. This is the accepted answer.Hi,
We have a whole section of tutorials and code-samples on authentication. Have you looked at those yet?
Re: How to skip authentication for public pages and adapters?2012-11-06T04:35:15ZThis is the accepted answer. This is the accepted answer.
- SystemAdmin 110000D4XK
Yes, I have checked those tutorials, even gone through Authentication concepts in Worklight.
But still, somehow I am unable to figure out how make it work.
I understand before version 5.0.3, '<usage authenticationRequired="">' tag was provided which had options 'OnStartup', 'OnDemand' and 'Never'. This way developer had control over when to trigger authentication mechanism but in 5.0.3 it has been replaced with '<common>' and don't have any option except configuring Security Test.
Also, if I try to send login request without configuring <common> tag, I am getting 401 (Unauthorized Exception).
There is one more tag '<staticResources>' to restrict access to static resources. I tried this also, but again no luck :(.
ShmulikB 270005FKGM20 Posts
Re: How to skip authentication for public pages and adapters?2012-11-06T06:59:39ZThis is the accepted answer. This is the accepted answer.
- SystemAdmin 110000D4XK
You can use authentication in 2 ways:
1. Protect an environment.
2. Protect an adapter procedure.
when protecting an environment - all the resources for that environment will be authenticated.
If you want to make a separation, you can create a security test and attach it only to those procedures (adapter procedures) that you want to be authenticated.
You can find more information about authentication in our Getting Started page:
Re: How to skip authentication for public pages and adapters?2012-11-06T09:58:22ZThis is the accepted answer. This is the accepted answer.
- ShmulikB 270005FKGM
Exactly, my point is same. I am able to protect whole environment. That way all the pages are protected (at the moment I have html pages only).
However, I need to provide some exceptions here, I need to keep some pages public.
Regarding Adapters, yes I can assign Security Tests to them, but my intention here is to protect some of html pages.
Would be great if you can suggest any solution.
kai_huang2012 270005GB8Y23 Posts
Re: How to skip authentication for public pages and adapters?2012-11-07T03:23:21ZThis is the accepted answer. This is the accepted answer.