Productionising WL
Donal Spring
donalspr@uk.ibm.com
Agenda
- App Authenticity
- Adapter Versioning
-
Adapter Proxies
- Worklight Developer Settings
- Clustered Environments
- Code Minification
- AppCenter (Multiple or Single?)
- Getting "App Store" ready
app Authenticity
What is it?
Why is it important?
How do I do it?
authenticationConfig.xml :
<customSecurityTest name="AppAuth">
<test realm="wl_remoteDisableRealm" />
<test realm="wl_authenticityRealm" isInternalUserID="true"/>
<test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" />
</customSecurityTest>
application-descriptor.xml :
<iphone bundleId="com.ibm.myapp" version="1.0" securityTest="AppAuth">
<security> Additional settings here </security>
</iphone>
<android version="1.0" securityTest="AppAuth">
<security>
<publicSigningKey>Key extracted from keystore </publicSigningKey>
</security>
</android>
Access Disabled - Worklight server does not test the Authenticity of the app
Enabled, servicing - Worklight server tests the Authenticity of the app; if it fails it services the device anyway
Enabled, blocking - Worklight server tests the Authenticity of the app; if it fails it blocks the deviceGotcha's
This feature is not available on the Developer Edition
Unit Tests?
Differences to Adapter Auth?
Adapter Versioning
What is it?
Why is it important?
How do we implement it?
options {}
In the client code :
var options = { version: { major: 1, minor: 0, patch: 0 } }
WL.Client.invokeProcedure({
adapter : "RSSFeed",procedure : "getData",parameters : [options, "myTopic"]});
In the adapter code :
function getData (options, param) { if (options.version === 1){// do stuff for version one of the adapterinput = {method = "get",path = param,returnedContentType = "json"}return WL.Server.invokeHttp(input);} else if (options.version === 2){// adapter v2 mechanics// could also be used to call a new adapter:invocationData = { adapter : "RSSFeedV2",procedure : getData,parameters : [options, param]}return WL.Server.invokeProcedure(invocationData);};};
Gotcha's
If not done before v1 - cannot easily be added retrospectively
Adapter Proxies
What is it?
Why do we need it?
How do I implement it?
Example adapter code
<connectivity> <connectionPolicy xsi:type="http:HTTPConnectionPolicyType"> <protocol>http</protocol> <domain>mydomain.com</domain> <port>1080</port> <!--PROXY_SETTINGS--> <proxy> <protocol>http</protocol><domain>myproxydomain</domain><port>8080</port> </proxy> </connectionPolicy> <loadConstraints maxConcurrentConnectionsPerNode="10" /> </connectivity>
Can also add security to proxy
WORKLIGHT.PROPERTIES
<connectivity> <connectionPolicy xsi:type="http:HTTPConnectionPolicyType"> <protocol>http</protocol> <domain>mydomain.com</domain> <port>1080</port> <!--PROXY_SETTINGS--> <proxy> <protocol>${adapter.name.proxy.protocol}</protocol><domain>${adapter.name.proxy.domain}</domain><port>${adapter.name.proxy.port}</port></proxy> </connectionPolicy> <loadConstraints maxConcurrentConnectionsPerNode="10" /> </connectivity>
Manage These values
*without rebuilding WAR & Adapters
worklight.properties.$ENVIRONMENT
adapter.proxy.protocol=http adapter.proxy.domain=192.168.12.10 adapter.proxy.port=8080
In deploy-to-environment-ant.xml add <!--JNDI_PROPERTIES-->
Replace the string with worklight.properties values & install the war
Now in server.xml
<jndiEntry jndiName="worklight/adapter.proxy.protocol" value='"http"'/> <jndiEntry jndiName="worklight/adapter.proxy.domain" value='"192.188.12.10"'/><jndiEntry jndiName="worklight/adapter.proxy.port" value='"8080"'/>
Gotcha's
Once adapters are built with proxies they cannot be turned off
Adapter settings by ENVIRONMENT
In the adapter code:
var _domain = WL.Server.configuration["adapter.name.domain"];
var _UrlRoot = WL.Server.configuration["adapter.name.urlRoot"];
// transaction API need key and secret
var _transactionKey = WL.Server.configuration["adapter.name.transactionKey"];
var _sharedSecret = WL.Server.configuration["adapter.name.sharedSecret"];
In worklight.properties.$ENVIRONMENT
adapter.name.domain=mydomain.com
adapter.name.urlRoot=/context/url
adapter.name.transactionKey=koasdnfsdpopBLAH-BLAH-ornep1048e-0wfiadsk
adapter.name.sharedSecret=SHHHH!mySecretKeydifferent settings -> different environment
same adapter code!
Developer Settings
What is it?
Why do we need it?
How do i disable it?
in the application-descriptor.xml :
<iphone bundleId="com.ibm.myapp" version="1.0" securityTest="AppAuth">
<worklightSettings include="true"/>
<security>
<encryptWebResources enabled="false"/>
</security>
</iphone>
GOtcha's
if using alternative tooling (xctool) SETTINGS.bundle
Clustered Environment
What is it?
Why do we need it?
How do we implement it?
topology
Shared database
sticky session
Gotchas
Worklight is stateful -> It caches session state within the server memory
Code minification
Tools :
-
Closure
-
Shrinksafe
^ DOJO tools
Angular JS comes already minified
LESS for CSS
Logging
In your server.xml :
<include optional="true" location="server.CI.xml"/><server>
<logging traceSpecification=
"com.worklight.adapters=FINEST:com.worklight.integration=FINEST"
traceFileName="stdout" maxFileSize="20" maxFiles="2"
traceFormat="BASIC" />
</server>
cp / scp depending on what you need / where you are
IbM App Center
What is it?
Why do we need it?
How do we use it?
Single or multiple?
- App Center location burned in
- More than one App Center
- Enabling Test teams
- Reviews / feedback on the app
- Bundle Ids (multiple / single)
- Drop down interface
- Mark as Installer & Hidden URL
How do i get App Center?
Show app center demo
APPle
App Center does not come pre built or signed
iOS 7.1 issue / SSL
PREPARING FOR APPSTORE
What is it?
Why do we do it?
How do we do it?
Android
Its easy for android
Pay the fee, sign the app & you're away
Can use Play Store Beta & Alpha testing facilities
50mb file size
Apple
It's complicated....!
- Signing the App (Key Chain)
- Provisioning the App
- Enterprise licence Vs Developer licence
- App Store ready & IBM App Center
Productionising Worklight
By Donal Spring
