我可以使用 NSURLCredentialStorage 进行 HTTP 基本身份验证吗? [英] Can I use NSURLCredentialStorage for HTTP Basic Authentication?

问题描述

我设置了一个可可类，我想用它来连接到我正在构建的 RESTful Web 服务.我决定像这样在我的 PHP 后端使用 HTTP 基本身份验证......

I have a cocoa class set up that I want to use to connect to a RESTful web service I'm building. I have decided to use HTTP Basic Authentication on my PHP backend like so…

<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    //Stuff that users will see if they click 'Cancel'
    exit;
}
else {
    //Validation Code
    echo "You entered info.";
}
?>

此时我使用的是同步 NSURLConnection，据我所知，Apple 文档声明对身份验证的支持较少.

At this point I'm using a synchronous NSURLConnection, which I understand the Apple documentation states has less support for Authentication.

但它甚至可能吗?我可以非常轻松地进行 cookie 身份验证，无需 NSURLProtectionSpaces 或 NSURLCredentials 或任何身份验证类.另外，是否有任何资源可以让我阅读有关 Cocoa 身份验证类的更多信息?

But is it even possible at all? I can do cookie authentication very easily sans NSURLProtectionSpaces or NSURLCredentials or any of the authentication classes. Also, are there any resources where I can read more about the Cocoa Authentication classes?

谢谢.

更新:mikeabdullahuk您提供的代码(第二个示例)与我编写的代码几乎相同.我做了更多调查，发现 NSURLConnection 正在返回错误......

UPDATE: mikeabdullahuk The code you supplied (the second example) is almost identical to what I had written. I have done some more investigating, and discovered that the NSURLConnection is returning an error…

Error Domain=NSURLErrorDomain Code=-1012 UserInfo=0x1a5170 "Operation could not be completed. (NSURLErrorDomain error -1012.)"

代码对应NSURLErrorUserCancelledAuthentication.所以显然我的代码没有访问 NSURLCredentialStorage 而是取消身份验证.这可能与 PHP HTTP 身份验证功能有关吗?我现在很困惑.

The code corresponds to NSURLErrorUserCancelledAuthentication. So apparently my code is not accessing the NSURLCredentialStorage and instead is canceling the authentication. Could this have anything to do with the PHP HTTP Authentication functions? I'm quite confused at this point.

推荐答案

同步 NSURLConnection 绝对可以与 NSURLCredentialStorage 一起使用.以下是通常的工作方式:

A synchronous NSURLConnection will absolutely work with NSURLCredentialStorage. Here's how things usually work:

1. NSURLConnection 从服务器请求页面
2. 服务器回复 401 响应
3. NSURLConnection 查看它可以从 URL 收集哪些凭据
4. 如果 URL 未提供完整凭据(用户名和密码)，NSURLConnection 还将咨询 NSURLCredentialStorage 以填补空白莉>
5. 如果尚未确定完整的凭据仍然，NSURLConnection 将发送 -connection:didReceiveAuthenticationChallenge: 委托方法要求凭据
6. 如果 NSURLConnection 现在终于拥有完整的凭据，它会重试原始请求，包括授权数据.

1. NSURLConnection requests the page from the server
2. The server replies with a 401 response
3. NSURLConnection looks to see what credentials it can glean from the URL
4. If the URL did not provide full credentials (username and password), NSURLConnection will also consult NSURLCredentialStorage to fill in the gaps
5. If full credentials have still not been determined, NSURLConnection will send the -connection:didReceiveAuthenticationChallenge: delegate method asking for credentials
6. If the NSURLConnection now finally has full credentials, it retries the original request including authorization data.

通过使用同步连接方法，您只会失去第 5 步，即提供自定义身份验证的能力.因此，您可以在 URL 中预先提供身份验证凭据，或者在发送请求之前将它们放在 NSURLCredentialStorage 中.例如

By using the synchronous connection method, you only lose out on step 5, the ability to provide custom authentication. So, you can either pre-provide authentication credentials in the URL, or place them in NSURLCredentialStorage before sending the request. e.g.

NSURLRequest *request =
  [NSURLRequest requestWithURL:[NSURL URLWithString:@"http://user:pass@example.com"]];

[NSURLConnection sendSynchronousRequest:request returningResponse:NULL error:NULL];

或:

NSURLCredential *credential = [NSURLCredential credentialWithUser:@"user"
                                                         password:@"pass"
                                                      persistence:NSURLCredentialPersistenceForSession];

NSURLProtectionSpace *protectionSpace = [[NSURLProtectionSpace alloc]
  initWithHost:@"example.com"
  port:0
  protocol:@"http"
  realm:nil
  authenticationMethod:nil];


[[NSURLCredentialStorage sharedCredentialStorage] setDefaultCredential:credential
                                                    forProtectionSpace:protectionSpace];
[protectionSpace release];

NSURLRequest *request =
  [NSURLRequest requestWithURL:[NSURL URLWithString:@"http://example.com"]];

[NSURLConnection sendSynchronousRequest:request returningResponse:NULL error:NULL];

这篇关于我可以使用 NSURLCredentialStorage 进行 HTTP 基本身份验证吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！