Mobilefirst 错误代码：4，错误描述：AUTHENTICATION_ERROR答案

【问题标题】：Mobilefirst error code: 4, error description: AUTHENTICATION_ERRORMobilefirst 错误代码：4，错误描述：AUTHENTICATION_ERROR
【发布时间】：2016-03-09 10:15:23
【问题描述】：

当我尝试从我的应用程序连接到我的 MobileFirst 服务器时，它会在 SystemOutError.log 中显示此错误

    [3/9/16 10:37:41:053 CET] 000000a5 LoginContext  E com.worklight.core.auth.impl.LoginContext processRequest FWLSE0117E: Error code: 4, error description: AUTHENTICATION_ERROR, error message: An error occurred while performing authentication using loginModule wl_authenticityLoginModule, User Identity Not available. [project mapruntime] [project mapruntime]
[3/9/16 10:43:41:851 CET] 000000a5 LoginContext  E com.worklight.core.auth.impl.LoginContext processRequest FWLSE0059E: Login into realm 'wl_authenticityLoginModule' failed. Missing app authenticity configuration parameters. [project mapruntime]
                                 com.worklight.gadgets.GadgetRuntimeException: Missing app authenticity configuration parameters
    at com.worklight.core.auth.ext.appauth.AuthenticityAuthenticatorImpl.processRequest(AuthenticityAuthenticatorImpl.java:82)
    at com.worklight.core.auth.ext.AuthenticityAuthenticator.processRequest(AuthenticityAuthenticator.java:79)
    at com.worklight.core.auth.impl.LoginContext.processRequest(LoginContext.java:212)
    at com.worklight.core.auth.impl.AuthenticationContext.checkAuthentication(AuthenticationContext.java:779)
    at com.worklight.core.auth.impl.AuthenticationContext.processRealms(AuthenticationContext.java:679)
    at com.worklight.core.auth.impl.AuthenticationContext.pushCurrentResource(AuthenticationContext.java:652)
    at com.worklight.core.auth.impl.AuthenticationServiceBean.accessResource(AuthenticationServiceBean.java:81)
    at com.worklight.core.auth.impl.AuthenticationFilter.doFilter(AuthenticationFilter.java:228)
    at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
    at com.worklight.analytics.AnalyticsFilter.doFilter(AnalyticsFilter.java:124)
    at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
    at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:967)
    at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1107)
    at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:87)
    at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:940)
    at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1817)
    at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:200)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:463)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:530)
    at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:316)
    at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:88)
    at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1818)
    at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
    at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
    at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
    at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
    at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
    at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
    at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
    at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1881)

[3/9/16 10:43:41:853 CET] 000000a5 LoginContext  E com.worklight.core.auth.impl.LoginContext processRequest FWLSE0117E: Error code: 4, error description: AUTHENTICATION_ERROR, error message: An error occurred while performing authentication using loginModule wl_authenticityLoginModule, User Identity Not available. [project mapruntime] [project mapruntime]

但在我的身份验证配置中，没有名为“wl_authenticityLoginModule”的登录域。

MobileFirst Operations Console 上的应用程序身份验证配置设置为无。

我的大学已经调查过了，但也找不到问题（参考：here）

我的 application-descriptor.xml 包含：

<android securityTest="MAPCertLogin" version="1.0.4">
  <worklightSettings include="false"/>
  <pushSender key="*****OurPushSenderKey*****" senderId="***OurSenderId***"/>
  <compressWebResources enabled="true"/>
</android>
<common securityTest="MAPCertLogin"/>

这是 AuthentcationConfig.xml：

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <!-- Licensed Materials - Property of IBM
             5725-I43 (C) Copyright IBM Corp. 2006, 2013. All Rights Reserved.
             US Government Users Restricted Rights - Use, duplication or
             disclosure restricted by GSA ADP Schedule Contract with IBM Corp. -->
    <!---->
    <!--  Sample security tests  
         Even if not used there will be some default webSecurityTest and mobileSecurityTest 
         Attention: if using <testAppAuthenticity/> test below ,<publicSigningKey> element must be added to application-descriptor.xml as well. -->
    <securityTests>
        <mobileSecurityTest name="MAPCertLogin">    
            <testUser realm="MAPLoginRealm"/>   
            <testDirectUpdate mode="perRequest"/>
            <testDeviceId provisioningType="custom" realm="MAPLoginRealm"/>
            <!--  testAppAuthenticity  -->
        </mobileSecurityTest>
     <!--      
        <customSecurityTest name="PushSecurityTest">
            <test isInternalUserID="true" realm="MAPLoginRealm"/>
            <test isInternalDeviceID="true" realm="MAPLoginRealm" />
        </customSecurityTest>
        -->
    </securityTests>
    <realms>
        <realm loginModule="StrongDummy" name="SampleAppRealm">
            <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
        </realm>
        <realm loginModule="MAPLoginModule" name="MAPLoginRealm">
            <className>com.worklight.core.auth.ext.DeviceAutoProvisioningAuthenticator</className>
            <parameter name="validate-csr-function" value="Authenticator.validateCSR"/>
        </realm>
    </realms>
    <loginModules>
        <loginModule expirationInSeconds="-1" name="StrongDummy">
            <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
        </loginModule>
        <loginModule expirationInSeconds="-1" name="requireLogin">
            <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
        </loginModule>
        <loginModule expirationInSeconds="-1" name="MAPLoginModule">
            <className>com.worklight.core.auth.ext.DeviceAutoProvisioningLoginModule</className>
            <parameter name="validate-certificate-function" value="Authenticator.validateCertificate"/>
        </loginModule>
    </loginModules>
</tns:loginConfiguration>

这确实必须解决，因为我们已经在这个问题上停留了很长一段时间，而且我们没有想法。

.war 和 wlapp 文件在服务器上更新。

【问题讨论】：

如果您遇到困难并且需要帮助，作为 IBM 客户，您可以随时打开 PMR。
我的声明可能不正确，但请尝试在应用程序中将 **** 和 ***** 添加到您的 android 环境中-描述符.xml。相信既然你在添加securityTest，那么你需要完成配置。

标签： ibm-mobilefirst mobilefirst-server

【解决方案1】：

您似乎正在尝试实施设备配置。自动或自定义设备配置实施都需要启用应用程序真实性。见这里：https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-1/foundation/authentication-security/device-provisioning-concepts/

因此，您需要为应用程序真实性相应地配置您的 authenticationConfig.xml 和 application-descriptor.xml。见这里：https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-1/foundation/authentication-security/application-authenticity-protection/

【讨论】：