Troubleshooting
Problem
The description of the authentication configuration file, as given in the "The authentication configuration file" topic is incomplete as some realms are not indicated. Also, the label of its left column is wrong.
Cause
Table 1: "Predefined realms: properties of the <test realm> element" in The authentication configuration file contains ambiguous or incomplete information.
Resolving The Problem
The left column of the table 1 gives the realm references. Its header should therefore read "Realm reference" instead of "Authenticator class name".
The following realms also exist and should be considered as part of this table 1:
- wl_remoteDisableRealm
Realm reference: wl_remoteDisableRealm
Login module reference: WLRemoteDisableNullLoginModule
Description: This realm is used to block applications with specific application environments / versions from accessing resources on the server, or to notify clients with some mandatory message that is related to the server. This realm is typically used when a new application version is released and you no longer want the applications with the older versions to connect to the server. In this case, for example, you want to give directions to the clients on how to obtain the new version of the application with a link to its market download page. Another typical use of this realm is when you find a problem with an application security and you want to immediately block access from this application to sensitive data until the problem is fixed. You can configure the contents of the block / notify message and give a link to more information or the new version. For more information about remote disable, see Remotely disabling application connectivity.
- wl_directUpdateRealm
Realm reference: wl_directUpdateRealm
Login module reference: WLDirectUpdateNullLoginModule
Description: This realm is used to enable the direct update feature. The direct update feature allows the updating of application web resources (not native code) on client devices without the need for users to explicitly download and install the new version. This realm is useful when a fix or an enhancement is done to the web resources of the application and you do not want to start a full release cycle for it. It can be configured to test for updates once a session, per each request, or disabled. For more information about direct update, see Configuring and customizing direct update.
- wl_anonymousUserRealm
Realm reference: wl_anonymousUserRealm
Login module reference: WeakDummy
Description: This realm is the default user realm. As having a user identity is mandatory for an end-user to use IBM Worklight Foundation properly, use this realm if you do not require any special identification of users. This realm gives the user a random unique user ID to be used for various features in the server, such as reports and audit, identification of access to back-end systems, and push notification. This realm is transparent, that is, it does not require any user interaction.
Also, in Security tests, under customSecurityTest, the "A custom security test. No predefined realms are added" sentence should be completed as follows: "A custom security test. No predefined realms are added. Only tests that are included will be tested."
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg21676076