Topic
  • 5 replies
  • Latest Post - ‏2012-12-25T14:17:25Z by IdanAdar
MuraliK,Meduri
MuraliK,Meduri
3 Posts

Pinned topic how to activate staticresources in authenticationConfig.xml

‏2012-12-25T06:51:34Z |
Hi Team
Iam trying to protect my worklight console, so enbling the tag
<staticResources>
<resource id="worklightConsole">
<urlPatterns>/console*</urlPatterns>
<resourceRealm>WorklightConsole</resourceRealm>
</resource>
</staticResources>

Which results in few errors, can you please help me out how to activate this. Here i attached the errors description.
Nothing was mentioned in getting started in enabling the "staticResources"

Error Desription:
1) Multiple annotations found at this line:
- securityTest: The value of the required item is missing
- cvc-complex-type.4: Attribute 'securityTest' must appear on element
'resource'.
2)cvc-complex-type.2.4.a: Invalid content was found starting with element 'resourceRealm'. One of '{accessList}' is expected.
  • IdanAdar
    IdanAdar
    49 Posts

    Re: how to activate staticresources in authenticationConfig.xml

    ‏2012-12-25T07:50:47Z  
    Hi,

    Have you taken a look at the comments written inside authenticationConfig.xml?
    It is not enough to uncomment the static resource related to the console, but also the first element in the section below - securityTests.

    
    <!-- Uncomment the next element to protect the worklight console and the first section in securityTests below. --> <staticResources> <resource id=
    "worklightConsole" securityTest=
    "WorklightConsole"> <urlPatterns>/console*</urlPatterns> </resource> </staticResources>   ... ...   <securityTests> <customSecurityTest name=
    "WorklightConsole"> <test realm=
    "WorklightConsole" isInternalUserID=
    "true"/> </customSecurityTest> <!--         <mobileSecurityTest name=
    "mobileTests"> <testAppAuthenticity/> <testDeviceId provisioningType=
    "none" /> <testUser realm=
    "myMobileLoginForm" /> </mobileSecurityTest>   <webSecurityTest name=
    "webTests"> <testUser realm=
    "myWebLoginForm"/> </webSecurityTest>   <customSecurityTest name=
    "customTests"> <test realm=
    "wl_antiXSRFRealm" step=
    "1"/> <test realm=
    "wl_authenticityRealm" step=
    "1"/> <test realm=
    "wl_remoteDisableRealm" step=
    "1"/> <test realm=
    "wl_anonymousUserRealm" isInternalUserID=
    "true" step=
    "1"/> <test realm=
    "wl_deviceNoProvisioningRealm" isInternalDeviceID=
    "true" step=
    "2"/> </customSecurityTest>-->   </securityTests>
    


    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform
  • MuraliK,Meduri
    MuraliK,Meduri
    3 Posts

    Re: how to activate staticresources in authenticationConfig.xml

    ‏2012-12-25T09:01:18Z  
    • IdanAdar
    • ‏2012-12-25T07:50:47Z
    Hi,

    Have you taken a look at the comments written inside authenticationConfig.xml?
    It is not enough to uncomment the static resource related to the console, but also the first element in the section below - securityTests.

    <pre class="jive-pre"> <!-- Uncomment the next element to protect the worklight console and the first section in securityTests below. --> <staticResources> <resource id= "worklightConsole" securityTest= "WorklightConsole"> <urlPatterns>/console*</urlPatterns> </resource> </staticResources> ... ... <securityTests> <customSecurityTest name= "WorklightConsole"> <test realm= "WorklightConsole" isInternalUserID= "true"/> </customSecurityTest> <!-- <mobileSecurityTest name= "mobileTests"> <testAppAuthenticity/> <testDeviceId provisioningType= "none" /> <testUser realm= "myMobileLoginForm" /> </mobileSecurityTest> <webSecurityTest name= "webTests"> <testUser realm= "myWebLoginForm"/> </webSecurityTest> <customSecurityTest name= "customTests"> <test realm= "wl_antiXSRFRealm" step= "1"/> <test realm= "wl_authenticityRealm" step= "1"/> <test realm= "wl_remoteDisableRealm" step= "1"/> <test realm= "wl_anonymousUserRealm" isInternalUserID= "true" step= "1"/> <test realm= "wl_deviceNoProvisioningRealm" isInternalDeviceID= "true" step= "2"/> </customSecurityTest>--> </securityTests> </pre>

    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform
    Hi Idan
    Thanks for the reply, you are excellent, and pretty much fast in answering the posts.
    After making those changes, when i tried "build all and deploy", its giving the following error.
    i have declared the console.username and console.password in my worklight.properties file.

    "Failed deploying application to Worklight Server: Can't access the Worklight Server. If you protected the Worklight Console, remove the protection first."
  • IdanAdar
    IdanAdar
    49 Posts

    Re: how to activate staticresources in authenticationConfig.xml

    ‏2012-12-25T10:37:47Z  
    Thank you.

    Yes, it is currently not possible to both protect the console AND deploy to it.
    Protecting the console makes more sense in production environment.

    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform
  • MuraliK,Meduri
    MuraliK,Meduri
    3 Posts

    Re: how to activate staticresources in authenticationConfig.xml

    ‏2012-12-25T13:55:24Z  
    • IdanAdar
    • ‏2012-12-25T10:37:47Z
    Thank you.

    Yes, it is currently not possible to both protect the console AND deploy to it.
    Protecting the console makes more sense in production environment.

    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform
    We can deploy multiple wl applications, and each application contains different authenticationConfig.xml and worklight.properties, what will happen if we enable the staticresources in each and every application, which username and password does the console take?
  • IdanAdar
    IdanAdar
    49 Posts

    Re: how to activate staticresources in authenticationConfig.xml

    ‏2012-12-25T14:17:25Z  
    You need to make a clear differentiation between the development environment - when running Worklight in Eclipse, to when running Worklight on an application server (WAS, Tomcat, Liberty).

    1. Are we still talking about the development environment here? (using Eclipse + Worklight Studio (Eclipse plug-in))?
    2. You may be confused... worklight.properties and authenticationConfig.xml both per-server, not per-application.

    
    Worklight project (server) --- application ------- environment ------- environment ------- ... ------- ... --- server ------- conf ------- ... ------- ...
    


    The files you mentioned sit under the conf folder depicted above, and belong to the server, not application.
    So, no, you cannot deploy several applications, each with different such files and settings, as those settings belong to the server that will host the application(s), not the application(s) themselves.

    Idan Adar
    QA Engineer
    IBM Worklight Mobile Platform