We have implemented a hybrid mobile app using latest version of MFP 7.0, also server side. Running the app on Mac with Xcode7 and testing in the iOS9 simulator but it failed when making login action.
We used native code to get access to internal firewall, and then connect to WL server via WL.Client.connect, and we saw some exception print out on console of xcode as following:
2015-10-07 19:16:48.320 TestApp[7608:514098] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] -[WLAFHTTPClientWrapper requestFailed:error:] in WLAFHTTPClientWrapper.m:335 :: Response Status Code : 403 2015-10-07 19:16:48.322 TestApp[7608:514098] [DEBUG] [WL_AFHTTPCLIENTWRAPPER_PACKAGE] -[WLAFHTTPClientWrapper requestFailed:error:] in WLAFHTTPClientWrapper.m:336 :: Response Error : Expected status code in (200-299), got 403
2015-10-07 19:16:48.323 TestApp[7608:514098] [ERROR] [WL_REQUEST] -[WLRequest requestFailed:error:] in WLRequest.m:477 :: Status code='403' error='Expected status code in (200-299), got 403' response='/-secure- {"reason":"App authenticity security check failed"}/' 2015-10-07 19:16:48.323 TestApp[7608:514098] [DEBUG] [WL_REQUEST] -[WLRequest requestFailed:error:] in WLRequest.m:480 :: Response Header: { Connection = "Keep-Alive"; "Content-Language" = "en-US"; "Content-Type" = "application/json; charset=UTF-8"; Date = "Wed, 07 Oct 2015 11:16:44 GMT"; "Keep-Alive" = "timeout=10, max=97"; "Transfer-Encoding" = Identity; "X-Powered-By" = "Servlet/3.0"; }
Response Data:
/-secure- {"reason":"App authenticity security check failed"}/ 2015-10-07 19:16:53.064 TestApp[7608:514605] [ERROR] [NONE] [/apps/services/api/TestApp/iphone/init] failure. state: 200, response: undefined 2015-10-07 19:16:53.064 TestApp[7608:514170] [DEBUG] [NONE] Client registration failed with error: {"status":200,"responseHeaders":{},"responseText":"The operation couldn’t be completed. (WL_AUTH error 0.)","invocationContext":null}
After a private chat, it was apparent that the failure is regarding Application Authenticity Protection which is actually not wanted to be used.
As such the solution to is verify that the authenticity security test is not being applied in the authenticationConfig.xml file, re-build the project to ensure to change is included in the generated .war file and to then re-deploy the updated .war file to the remote server in order to ensure that the server will not send an authenticity challenge as the application attempts to connect to the MobileFirst Server.