Worklight server with LTPAAuthentication request login for all applications

I've set my authenticationConfig.xml to work with LTPAAuthentication in this way: [image]

It works well with applications where I require LTPA authentication. But there are some apps deployed on the WL Console that do not need any authentication; they just call adapters. From the browser (Preview common resource) they work as well as before, but if I run them from my Android I get these errors in Logcat:

[image]

...................................... (all the login.html page)

[image]

It returns the entire login.html page, as it does with applications that require the LTPA mobile test. Here you can see the application-descriptor.xml, which shows that no security tests are needed: [image]

Any suggestion?

EDIT: this is the adapter; it doesn't require security tests: [image]

There are 1 best solutions below

So it looks like you have an adapter that you have protected using WASLTPA security that you want to be accessible by all devices regardless of whether or not they have been authenticated by the WASLTPARealm. I think the solution is to re-design how your security and adapters behave.

If you wish for an adapter to be called from an application that does not need to be authenticated, then don't protect the adapter using a security realm. If being logged into the WASLTPARealm is not a requirement for accessing the resources that this adapter is exposing, then there is no point in using the realm to protect it.

For the apps that do require login, you should separate the authentication logic from the adapter calls. You can still require the client to log in in order to use the app and call adapters without having to protect the adapter with the security test. There are APIs to check if a user is logged in and to prompt them to log in to a realm. You don't have to use the challenge sent back from the adapter to prompt a login.

An adapter should be protected by a security test only if being logged into that realm defined by the security test is a requirement for using that adapter. From reading your post, it does not seem to be a requirement.

> From the browser (Preview common resource) they work as well as before, but if I run them from my Android I get these errors in Logcat

I have a strong feeling that in your browser you have an LTPA token which is why this is working from an app that hasn't logged in to the LTPA realm. Try clearing your cookies and trying to do this again to confirm.
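
The flow the answer describes (log in from the client first, then call an adapter that carries no security test), sketched as an added example that is not part of the original answer. `WL.Client.isUserAuthenticated`, `WL.Client.login` and `WL.Client.invokeProcedure` are Worklight client APIs; `callAdapter`, `makeStubWL`, `demo` and the adapter and procedure names are hypothetical, and the stub is constructed so the flow runs offline.

```javascript
// Added example. Only the three WL.Client calls are Worklight APIs; all other
// names (functions, adapter, procedure, stub) are hypothetical.
const REALM = "WASLTPARealm"; // realm name taken from the answer

// Calls an adapter procedure that carries no security test. Apps that need a
// logged-in user authenticate against the realm first; public apps skip it.
// This is client-side flow control only: the server does not enforce it.
function callAdapter(wl, requiresLogin, invocationData, done) {
  const invoke = () =>
    wl.Client.invokeProcedure(invocationData, {
      onSuccess: (response) => done(null, response),
      onFailure: (error) => done(error, null),
    });
  if (!requiresLogin || wl.Client.isUserAuthenticated(REALM)) {
    invoke();
    return;
  }
  wl.Client.login(REALM, {
    onSuccess: invoke,
    onFailure: (error) => done(error, null),
  });
}

// Constructed stand-in for the WL object so the flow runs outside a device.
function makeStubWL(loginSucceeds) {
  const calls = [];
  let authenticated = false;
  const Client = {
    isUserAuthenticated: (realm) => { calls.push("check:" + realm); return authenticated; },
    login: (realm, options) => {
      calls.push("login:" + realm);
      if (loginSucceeds) { authenticated = true; options.onSuccess(); }
      else options.onFailure({ errorMsg: "login failed" });
    },
    invokeProcedure: (data, options) => {
      calls.push("invoke:" + data.adapter + "." + data.procedure);
      options.onSuccess({ invocationResult: { isSuccessful: true } });
    },
  };
  return { Client, calls };
}

function demo(requiresLogin, loginSucceeds) {
  const wl = makeStubWL(loginSucceeds);
  let outcome = null;
  const data = { adapter: "SampleAdapter", procedure: "getItems", parameters: [] };
  callAdapter(wl, requiresLogin, data, (error) => { outcome = error ? "failed" : "ok"; });
  return { outcome, calls: wl.calls };
}
```

Because nothing on the server enforces this check, any data that must stay restricted to authenticated users still needs a security test on the adapter procedure itself.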