IBM Worklight v5.0.5 > Develop IBM Worklight applications > Authentication configuration

The authentication configuration file


Authentication components, security tests, realms, login modules, and authenticators are configured in the authentication configuration file...

A web security test or mobile security test must contain a <testUser> element that specifies realm name.

   <mobileSecurityTest name="mobileTests">
       <testAppAuthenticity/> 
       <testDeviceId provisioningType="none" />
       <testUser realm="myMobileLoginForm" />
   </mobileSecurityTest>

   <webSecurityTest name="webTests">
       <testUser realm="myWebLoginForm"/>
   </webSecurityTest>

The definition of a realm includes the class name of an authenticator, and a reference to a login module. Authenticators collect client information, and then use login modules to verify this information.

Worklight web application authorization, other than for the Application Center, is also configured in authenticationConfig.xml, in the <resource> element.

The configuration file has the following structure:

<?xml version="1.0" encoding="UTF-8"?>

<tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config" 
                        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <staticResources>
        <resource> … </resource>
        <resource> … </resource>
    </staticResources>

    <realms>
        <realm> … </realm>
        <realm> … </realm>
    </realms>

    <loginModules>
        <loginModule> … </loginModule>
        <loginModule> … </loginModule>
    </loginModules>

</tns:loginConfiguration>


Parent Authentication configuration