Examining generated realms, security test, and login modules

Realms, security tests, and login modules are defined in the authenticationConfig.xml file located at the server/conf folder of a Worklight project.

Open your Worklight project and locate the authenticationConfig.xml file and check for the following entries that are present by default to help you quick start with it:

Examining generated realms, security test, and login modules

Worklight application's authenticationConfig.xml file's location

Let's create a new Worklight project and examine what realms, security tests, and login modules are generated for us by default.

Generating realms

We can see that the following realms have been generated by default, which we can use or customize further:

<realms>
   <realm name="SampleAppRealm" loginModule="StrongDummy">
   <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
  </realm>
   <realm name="WorklightConsole" loginModule="requireLogin">
   <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
    <onLoginUrl>/console</onLoginUrl>
   </realm>
</realms>

Generating login modules

We can see that the following login modules have been generated by default, which we can use or customize further:

<loginModules>
 <loginModule name="StrongDummy">
  <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
  </loginModule>
  <loginModule name="requireLogin">
  <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
 </loginModule>
</loginModules>

Generating security tests

We can see that the following security tests have been generated by default, which we can use or customize further:

<securityTests>
    <customSecurityTest name="WorklightConsole">
      <test realm="WorklightConsole" isInternalUserID="true"/>
    </customSecurityTest>
  <mobileSecurityTest name="mobileTests">
    <testAppAuthenticity/> 
    <testDeviceId provisioningType="none" />
    <testUser realm="myMobileLoginForm" />
  </mobileSecurityTest>
<webSecurityTest name="webTests">
    <testUser realm="myWebLoginForm"/>
  </webSecurityTest>
<customSecurityTest name="customTests">
          <test realm="wl_antiXSRFRealm" step="1"/>
          <test realm="wl_authenticityRealm" step="1"/>
          <test realm="wl_remoteDisableRealm" step="1"/>
       <test realm="wl_anonymousUserRealm" isInternalUserID="true" step="1"/>
       <test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" step="2"/>
</customSecurityTest>
</securityTests>
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.220.160.43