<?xml version="1.0" encoding="UTF-8" standalone="no"?>
  
  <tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config" 
                          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  

   <!-- Uncomment the next element to protect the worklight console -->

   <!-- 
   <staticResources>

      <resource id="worklightConsole" 
                securityTest="WorklightConsole">

       <urlPatterns>/console*</urlPatterns>

      </resource>

   </staticResources> 
   -->
  
   <securityTests>
     
       <customSecurityTest name="webTest">
           <test realm="wl_remoteDisableRealm" step="1"/>
           <test realm="wl_anonymousUserRealm" isInternalUserID="true"   step="1"/>
       </customSecurityTest>
     
       <customSecurityTest name="mobileTest">
           <test realm="wl_remoteDisableRealm" step="1"/>
           <test realm="wl_anonymousUserRealm"        isInternalUserID="true"   step="1"/>
           <test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" step="2"/>
       </customSecurityTest>

       <customSecurityTest name="WorklightConsole">
           <test realm="WorklightConsole" isInternalUserID="true"/>
       </customSecurityTest>
     
   </securityTests> 
   
   <realms>

       <realm loginModule="StrongDummy" 
              name="SampleAppRealm">

           <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>

       </realm>
    
       <realm loginModule="requireLogin" 
              name="WorklightConsole">

           <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>

           <onLoginUrl>/console</onLoginUrl>

       </realm>
    
       <!-- For websphere -->
       <!-- 
       <realm name="WASLTPARealm" loginModule="WASLTPAModule">

           <className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className>
           <parameter name="login-page" value="/login.html"/>
           <parameter name="error-page" value="/loginError.html"/>

       </realm 
       -->

   </realms>
  
   <loginModules>

       <loginModule name="StrongDummy">
           <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
       </loginModule>
       
       <loginModule name="requireLogin">
           <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
       </loginModule>
       
       <!-- For websphere -->
       <!-- 
       <loginModule name="WASLTPAModule">
           <className>com.worklight.core.auth.ext.WebSphereLoginModule</className>
       </loginModule 
       -->

   </loginModules>
  
</tns:loginConfiguration>