0
我們已經實施了帶LTPA令牌和Data Power的MobileFirst安全性。 Mobilefirst版本是7.0.0.00.20150729-1801。 DataPower 7.1.0.4。Mobilefirst直接更新LTPA身份驗證惠顧數據電源和錯誤SESN0008E
用戶認證和用戶會話正常運行。
Direct Update出現問題:應用程序上出現更新警報,但在按下更新按鈕後,出現更新警報並顯示更新失敗的錯誤消息。
在Mobilefirst /自由日誌文件中的錯誤是:
SESN0008E: a user authenticated as anonymous has attempted to access a session owned by ...
看來,LTPA令牌丟失。 Android應用logcat的是:
01-08 10:36:14.645: D/WL_DIRECT_UPDATE_MANAGER(17035): DirectUpdateManager.startUpdate.onDirectUpdateSuccess: {"totalSize":9833,"operation":"start"}
01-08 10:36:14.665: D/Dialog(17035): checkMirrorLinkEnabled returns : false
01-08 10:36:14.665: D/WL_DIRECT_UPDATE_CHALLENGE_HANDLER(17035): defaultListener.onStart: totalSize=9833
01-08 10:36:14.665: D/Dialog(17035): showing allowed
01-08 10:36:14.675: D/ProgressBar(17035): setProgressDrawable drawableHeight = 0
01-08 10:36:14.685: D/com.worklight.androidgap.directupdate.WLDirectUpdateDownloader(17035): WLDirectUpdateDownloader.downloadZipFile in WLDirectUpdateDownloader.java:144 :: Starting fresh download since app was changed on the server since last download attempt
01-08 10:36:14.735: W/PluginManager(17035): THREAD WARNING: exec() call to WLDirectUpdatePlugin.showProgressDialog blocked the main thread for 71ms. Plugin should use CordovaInterface.getThreadPool().
01-08 10:36:14.795: D/ProgressBar(17035): updateDrawableBounds: left = 0
01-08 10:36:14.795: D/ProgressBar(17035): updateDrawableBounds: top = 0
01-08 10:36:14.795: D/ProgressBar(17035): updateDrawableBounds: right = 405
01-08 10:36:14.795: D/ProgressBar(17035): updateDrawableBounds: bottom = 30
01-08 10:36:14.795: D/ProgressBar(17035): updateDrawableBounds: mProgressDrawable.setBounds()
01-08 10:36:14.885: D/com.worklight.androidgap.directupdate.WLDirectUpdateDownloader(17035): WLDirectUpdateDownloader.downloadZipFile in WLDirectUpdateDownloader.java:151 :: The server returned file different than expected application update zip file
01-08 10:36:14.905: D/com.worklight.androidgap.directupdate.WLDirectUpdateDownloader(17035): WLDirectUpdateDownloader.downloadZipFile in WLDirectUpdateDownloader.java:152 :: Response Data: Error 500: com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException: SESN0008E: a user authenticated as anonymous has attempted to access a session owned by:WASLTPARealm/uid=xxxxx,cn=xxxx,cn=xxxx,ou=xxxxx,ou=xxxx,o=xxxx,c=xx.
01-08 10:36:14.915: D/WL_DIRECT_UPDATE_MANAGER(17035): DirectUpdateManager.startUpdate.onDirectUpdateSuccess: {"status":"FAILURE_UNKNOWN","operation":"finish"}
01-08 10:36:14.925: D/WL_DIRECT_UPDATE_CHALLENGE_HANDLER(17035): defaultListener.onFinish: status=FAILURE_UNKNOWN
01-08 10:36:14.935: D/WL_DIRECT_UPDATE_CHALLENGE_HANDLER(17035): defaultListener.onFinish: hideProgressDialog
01-08 10:36:14.935: D/Dialog(17035): checkMirrorLinkEnabled returns : false
01-08 10:36:14.935: D/Dialog(17035): showing allowed
顯然不包括DataPower的問題就會消失。 如何解決它?
我在server.xml文件中解決了在Liberty上設置httpSession屬性invalidateOnUnauthorizedSessionRequestException爲true的問題。
問候。
我們不希望在Liberty的server.xml中使用屬性 –
Netshound
我不明白。這是解決還是仍然是一個開放的問題? –
對不起。我寫完這個問題後不久就解決了。我用解決方案編輯了我的問題。我在server.xml文件中解決了在Liberty上將httpSession屬性invalidateOnUnauthorizedSessionRequestException設置爲true的設置。 – Netshound