堆栈内存溢出
  简体   繁体   English

如何在IBM Worklight 6.0中实现OAUTH 2.0

[英]How to implement OAUTH 2.0 in IBM Worklight 6.0

 原文  2013-08-26 07:30:26       oauth/ ibm-mobilefirst/ worklight-adapters/ worklight-security/ worklight-server

问题描述

In my app I have implemented Login module auth security by implementing security realms. 在我的应用程序中,我通过实现安全领域实现了Login模块auth安全性。 But i am thinking of implementing a OAUTH2.0 authentication where user will be authenticated once I will get a token and re-validate than on app starts. 但我正在考虑实施OAUTH2.0身份验证,一旦我获得令牌并重新验证而不是在应用程序启动时,将对用户进行身份验证。

So please one guide what are the prerequisites to implement this. 因此,请指导实施此操作的先决条件。 Can I achieve this by creating a custom authentication module ? 我可以通过创建自定义验证模块来实现此目的吗? Any guide sample code will be really helpful. 任何指南示例代码都会非常有用。

2 个解决方案

解决方案1
 2  2014-04-16 14:09:23

There is an article that was published that shows how to use OAuth with inappbrowser and Worklgiht using LinkedIn found at the following location: 已发布一篇文章,其中显示了如何在以下位置使用带有inappbrowser和Worklgiht的OAuth:

http://www.ibm.com/developerworks/library/mo-worklight-linkedin/ http://www.ibm.com/developerworks/library/mo-worklight-linkedin/

This article is a great sample to getting you started using Worklight and OAuth. 本文是一个很好的示例,可帮助您开始使用Worklight和OAuth。 Let me know if you have any further questions 如果您有任何其他问题,请与我们联系

解决方案2
 1  2013-11-26 16:35:29

Take a look at this SO answer: https://stackoverflow.com/a/18172484/440934 看一下这个SO答案: https//stackoverflow.com/a/18172484/440934

Hybrid apps do not have a public URL that an OAuth provider can redirect to, but there are some tricks you can do with the child browser plugin to 'hack' around them (see the first link). 混合应用程序没有OAuth提供程序可以重定向到的公共URL,但是您可以使用子浏览器插件来“破解”它们(请参阅第一个链接)。 You can have your OAUTH provider redirect to a dummy URL that the child browser can intercept and parse the token from the URL (there are even some security concerns there). 您可以让您的OAUTH提供程序重定向到子浏览器可以拦截的虚拟URL,并从URL解析该令牌(这里甚至存在一些安全问题)。 OAuth2 gets even trickier when configured not to place a token in the redirect URL and instead placing it in the body or in a header. 当配置为不在重定向URL中放置令牌而是将其放在正文或标题中时,OAuth2变得更加棘手。 Child browser does not expose these details which means some more custom native work to grab them if that is your only route. 子浏览器不会公开这些详细信息,这意味着如果这是您唯一的路线,则可以使用更多自定义本机工作来获取它

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用PHP在服务器上实现GMail OAuth 2.0? - How can I implement GMail OAuth 2.0 on server using PHP? C#OAuth 2.0库-如何实现域模型 - C# OAuth 2.0 Library - How to Implement the Domain Model 如何使用RESTEasy在Google App Engine中实现oAuth 2.0? - How do I implement oAuth 2.0 in Google App Engine with RESTEasy? 使用护照实施Oauth 2.0身份验证机制 - Implement Oauth 2.0 authentication mechanism using passport 是否可以通过Google Sites API实施OAuth 2.0? - Is it possible to implement OAuth 2.0 with Google Sites API? 您如何使用 eSignature SDK 实现新的 DocuSign OAuth2.0 SOBO? - How do you implement the new DocuSign OAuth2.0 SOBO using eSignature SDK? Angular如何实现OAuth - Angular how to implement OAuth 使用Azure ACS和OAuth 2.0的Facebook风格的API访问方案:如何实现应用程序授权? - Facebook-style API access scenario with Azure ACS and OAuth 2.0: how to implement app authorization? 如何使用JavaScript实施OAuth - How to implement OAuth with JavaScript 如何在服务器上实施OAuth 2 - How to implement OAuth 2 on server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM