IBM Worklight Foundation V6.2, Mobile Application Development Set 1

An application developer has determined that Worklight does not provide an authenticator that meets the complex needs of the application being developed. It is decided that the developer must implement a custom authenticator. Which interface must the application developer implement?

An application developer has implemented certificate based authentication. The developer wants to enforce that the application immediately authenticates with a certificate when connecting to the Worklight server. What must the application developer do to configure this security setting for the Android environment?

An application developer is implementing the server-side components for custom device provisioning. To accomplish this task, the developer has created the adapter named ProvisioningAdapter. Finally, two functions must be added to complete the task. What must the two functions do that the application developer should add to the adapter?

An application developer is working with the Worklight administrator to secure a mobile application using adapter based authentication. The administrator provides the following configuration in the authenticationConfig.xml file. com.worklight.integration.auth.AdapterAuthenticator com.worklight.core.auth.ext.NonValidatingLoginModule What must the application developer do to ensure security is enforced as required?

An application developer is securing an application by using an adapter. The application developer has registered the following procedures in the adapters xml file. Which function must the application developer invoke in the authentication adapter at the end of the login sequence to consider the user's session authenticated?

An application developer has implemented the following security test to protect a mobile application. The corporate security team has recently learned about cross-site request forgery (XSRF) attacks against the company's website. The corporate security team wants to prevent further attacks and has asked the developer to protect the mobile application against XSRF attacks. What step must the application developer take to protect against XSRF attacks?

An application developer is implementing form-based authentication. The developer has created a challenge handler object to handle challenges from the SampleAppRealm by invoking createChallengeHandler on WL.Client as follows: var sampleAppRealmChallengeHandler = WL.Client.createChallengeHandler (SampleAppRealm); Which function of the challenge handler must the application developer implement?

An application developer wants to protect their application against specific malware and repackaging attacks by implementing application authenticity testing via the console. Per the requirements, the developer wishes to implement a check where the Worklight Server will test the authenticity of an application. If the application fails the authenticity check, the Worklight Server will output a message to the log containing relevant information, but the application will still run as expected. Which type of application authenticity should the application developer implement via the console with the above requirements?

An application developer is attempting to implement device single sign-on (SSO) as specified in the following example: Upon testing the configuration, the developer finds unexpected results, such as the Worklight project failing to start. What does the application developer need to do to bring the SSO configuration to a consistent state?

An application developer wants to retrieve the client-side logs of an Android application that is malfunctioning in the production environment. When is the captured log data sent to the server?