Adapter-based authentication in hybrid applications
OverviewThis tutorial illustrates the client-side authentication components for adapter-based authentication in hybrid applications.
Prerequisite: Make sure that you read Adapter-based authentication first.
Creating the client-side authentication components
The application consists of two main
AppDivelement is used to display the application content.
AuthDivelement is used for authentication forms.
When authentication is required, the application hides the
AppDiv element and shows the
When authentication is complete, it does the opposite.
The buttons are used to call the
getSecretData procedure and to log out.
ResponseDiv element is used to display the
AuthInfoelement displays error messages.
AuthPasswordelements are used to enter credentials.
AuthCancelButtonsubmits or cancels the authentication request.
AuthDivelement is styled as
display:nonebecause it must not be displayed before authentication is requested by the server.
WL.Client.createChallengeHandler method to create a challenge handler object.
Supply a realm name as a parameter.
isCustomResponse function of the challenge handler is called each time a response is received from the server. That function is used to detect whether the response contains data that is related to this challenge handler. The function returns
isCustomResponse function returns
true, the framework calls the
handleChallenge function. This function is used to perform required actions, such as hide the application screen or show the login screen.
credentialsRequired, the function shows the login screen, cleans up the password field, and shows an error message (if applicable).
complete, the function shows
AuthDiv, and notifies the framework that authentication completed successfully.
In addition to the methods that the developer must implement, the challenge handler contains mandatory challenge handler functions that the developer must use:
submitAdapterAuthenticationfunction sends collected credentials to a specific adapter procedure. It has the same signature as the
submitSuccessfunction notifies the framework that the authentication process completed successfully. The framework then automatically issues the original request that triggered authentication.
submitFailurefunction notifies the framework that the authentication process completed with failure. The framework then disposes of the original request that triggered authentication.
Important: You must attach each of these functions to its object. For example:
Clicking the submit button triggers the function that collects the user name and the password from the HTML input fields and submits them to the adapter. Note the use of the
Click to download the MobileFirst project.
Inclusive terminology note: The Mobile First Platform team is making changes to support the IBM® initiative to replace racially biased and other discriminatory language in our code and content with more inclusive language. While IBM values the use of inclusive language, terms that are outside of IBM's direct influence are sometimes required for the sake of maintaining user understanding. As other industry leaders join IBM in embracing the use of inclusive language, IBM will continue to update the documentation to reflect those changes.