wso2 身份服务器 5.7.0 如何为 Role1 编写脚本?
wso2 identity server 5.7.0 How write Script for Role1?
我想用这个 link:
https://docs.wso2.com/display/IS570/Adaptive+Authentication
我希望 Role1 无法登录到我的应用程序并编写此代码:
它不起作用,Role1 可以登录到我的应用程序。
怎么写这个脚本?
// Role-Based from Template...
// This script will step up authentication for any user belonging
// to one of the given roles
// If the user has any of the below roles, authentication will be stepped up
var rolesToStepUp = ['Role1'];
function onLoginRequest(context) {
executeStep(1, {
onSuccess: function (context) {
// Extracting authenticated subject from the first step
var user = context.currentKnownSubject;
// Checking if the user is assigned to one of the given roles
var hasRole = hasAnyOfTheRoles(user, rolesToStepUp);
if (hasRole) {
Log.info(user.username + ' Has one of Roles: ' + rolesToStepUp.toString());
return false;
}
}
});
}
// End of Role-Based.......
如果您没有收到日志 Log.info(user.username + ' Has one of Roles: ' + rolesToStepUp.toString());,请检查您的情况。如果您的角色是内部角色,请按如下方式更改 rolesToStepUp 变量并尝试。
var rolesToStepUp = ['Internal/Role1'];
查看 了解更多详情
为了让用户登录失败,只返回false是不行的。使用 sendError 效用函数 (https://docs.wso2.com/display/IS570/Adaptive+Authentication+JS+API+Reference#AdaptiveAuthenticationJSAPIReference-sendError(url,parameters))。
检查基于用户年龄的脚本是否使用 sendError (https://docs.wso2.com/display/IS570/Configuring+User-Age-Based+Adaptive+Authentication)
我想用这个 link:
https://docs.wso2.com/display/IS570/Adaptive+Authentication
我希望 Role1 无法登录到我的应用程序并编写此代码: 它不起作用,Role1 可以登录到我的应用程序。 怎么写这个脚本?
// Role-Based from Template...
// This script will step up authentication for any user belonging
// to one of the given roles
// If the user has any of the below roles, authentication will be stepped up
var rolesToStepUp = ['Role1'];
function onLoginRequest(context) {
executeStep(1, {
onSuccess: function (context) {
// Extracting authenticated subject from the first step
var user = context.currentKnownSubject;
// Checking if the user is assigned to one of the given roles
var hasRole = hasAnyOfTheRoles(user, rolesToStepUp);
if (hasRole) {
Log.info(user.username + ' Has one of Roles: ' + rolesToStepUp.toString());
return false;
}
}
});
}
// End of Role-Based.......
如果您没有收到日志
Log.info(user.username + ' Has one of Roles: ' + rolesToStepUp.toString());,请检查您的情况。如果您的角色是内部角色,请按如下方式更改rolesToStepUp变量并尝试。var rolesToStepUp = ['Internal/Role1'];查看
为了让用户登录失败,只返回false是不行的。使用
sendError效用函数 (https://docs.wso2.com/display/IS570/Adaptive+Authentication+JS+API+Reference#AdaptiveAuthenticationJSAPIReference-sendError(url,parameters))。 检查基于用户年龄的脚本是否使用 sendError (https://docs.wso2.com/display/IS570/Configuring+User-Age-Based+Adaptive+Authentication)