iOS:在AuthenticationChallenge失败时触发NSURLErrorServerCertificateUntrusted而不是NSURLErrorCancelled [英] iOS: trigger NSURLErrorServerCertificateUntrusted instead of NSURLErrorCancelled when failing the AuthenticationChallenge
问题描述
我正在通过如何操作我是否出于开发目的使用iOS 7的NSURLSession及其委托方法系列接受自签名SSL证书?
I'm handling the server trust authentication challenge in a custom way (comparing the public key from the server trust with a hashed local version) through the urlSessionDelegate, similarly to how it is done here:
How do I accept a self-signed SSL certificate using iOS 7's NSURLSession and its family of delegate methods for development purposes?
如文档,如果我想使服务器信任身份验证失败,我需要取消挑战.这样做时,我的数据任务将以NSURLErrorCancelled完成.我有一些错误处理类,这些类查看datatask返回的结果NSURLError,如果我得到了NSURLErrorServerCertificateUntrusted,它将对我来说更加整洁.
As described in the documentation, I need to cancel the challenge if I want to fail the server trust authentication myself. When doing this, my data task will complete with the NSURLErrorCancelled. I have some error handling classes which look at the resulting NSURLError returned by the datatask, and it would be a lot cleaner for me if I got NSURLErrorServerCertificateUntrusted instead.
有没有办法做到这一点?还是仅在没有委托方法的情况下自动处理身份验证时才转发这些服务器错误?
Is there a way to achieve that? Or will those server errors only be forwarded when the authentication is handled automatically, without the delegate methods?
推荐答案
对所涉及证书的正常处理会因该错误而失败吗?
Would the normal handling of the certificate in question fail with that error?
如果是这样,您可以在这种情况下使用NSURLSessionAuthChallengePerformDefaultHandling.
If so, you could use NSURLSessionAuthChallengePerformDefaultHandling in that case.
如果没有,我认为唯一的方法就是与挑战发送者进行混战,这是极力劝阻的,尽管如果您调用它并随后调用适当的完成处理程序可能不会造成灾难性的后果.不过,您很有可能会得到两个回调.我从来没有尝试过.
If not, I think the only way would involve mucking around with the challenge sender, which is highly discouraged, though it might not be catastrophic if you call that and afterwards call the proper completion handler. There's a good chance you'd get two callbacks, though. I've never attempted this.
我的建议是向Apple提交错误,要求提供正确的API来传递NSError和取消消息.
My advice would be to file a bug with Apple asking for a proper API to pass an NSError along with cancellation.
这篇关于iOS:在AuthenticationChallenge失败时触发NSURLErrorServerCertificateUntrusted而不是NSURLErrorCancelled的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
