NSURLConnection,NSURLRequest,不受信任的证书和用户认证 [英] NSURLConnection, NSURLRequest, untrusted cert and user authentication
问题描述
早上每个人,
我一直在尝试编写一个应用程序,从需要身份验证的远程Web服务执行一些GET。我的主要问题是,这些远程服务器(和有很多)的大多数没有有效的证书。我有接受无效证书的代码和代码,以使用正确的uname&通过(下)。我的问题是让两个人在一起玩。我似乎找不到一个方式发送挑战 NSURLCredential
s或正确链接回调的方式。当我尝试链接它们时,我不能让我的 NSURLRequest
调用 didReceiveAuthenticationChallenge
两次。
验证码...
<$> p $ p>
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
if(!hasCanceled){
if challenge beforeFailureCount] == 0){
NSURLCredential * newCredential;
newCredential = [NSURLCredential credentialWithUser:_username password:_password persistence:NSURLCredentialPersistenceNone];
[[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
}
else {
[[challenge sender] cancelAuthenticationChallenge:challenge];
NSLog(@用户名或密码错误);
badUsernameAndPassword = YES;
finished = YES;
}
}
}
您只能使用该质询的凭据回复 NSURLAuthenticationChallenge
。您可以使用以下方式确定您收到的挑战类型:
[[challenge protectionSpace] authenticationMethod]
可能的值为此处记录。对于无效的服务器证书,身份验证方法将为 NSURLAuthenticationMethodServerTrust
。
if([challenge previousFailureCount]> 0){
//这里处理错误凭证
[[challenge sender] cancelAuthenticationChallenge:challenge];
return;
}
if([[challenge protectionSpace] authenticationMethod] == NSURLAuthenticationMethodServerTrust){
//检查用户以前是否已接受证书,否则提示
} else if([[challenge protectionSpace] authenticationMethod] == / *这里支持的认证方法* /){
[[challenge sender] useCredential:/ *你的用户凭证* / forAuthenticationChallenge:challenge];
}
如果您每次都没有获得两个身份验证质询,这不是错误。您可以在创建凭证时缓存凭据。如果您这样做,您将不必再次提示。
Morning Everyone,
I've been attempting to write an application that does some GETs from a remote Web Service that requires authentication. My main problem is that the majority of these remote servers (and there are a lot of them) don't have valid certificates. I've got code to accept the invalid certificate and code to respond to the challenge with the correct uname & pass (below). The problem I'm having is getting the two to play together. I can't seem to find a way to send the challenge both NSURLCredential
s or a way to chain the callbacks correctly. When I try to chain them I can't get my NSURLRequest
to call didReceiveAuthenticationChallenge
twice.
Any thoughts would be appreciated!
Code for Authentication...
-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
if(!hasCanceled){
if ([challenge previousFailureCount] == 0) {
NSURLCredential *newCredential;
newCredential=[NSURLCredential credentialWithUser:_username password:_password persistence:NSURLCredentialPersistenceNone];
[[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
}
else {
[[challenge sender] cancelAuthenticationChallenge:challenge];
NSLog(@"Bad Username Or Password");
badUsernameAndPassword = YES;
finished = YES;
}
}
}
You can only reply to an NSURLAuthenticationChallenge
with a credential for that challenge. You can determine what type of challenge you've received using:
[[challenge protectionSpace] authenticationMethod]
The possible values are documented here. In the case of an invalid server certificate, the authentication method will be NSURLAuthenticationMethodServerTrust
. In your code, you should check the authentication method and respond appropriately.
if ([challenge previousFailureCount] > 0) {
// handle bad credentials here
[[challenge sender] cancelAuthenticationChallenge:challenge];
return;
}
if ([[challenge protectionSpace] authenticationMethod] == NSURLAuthenticationMethodServerTrust) {
// check if the user has previously accepted the certificate, otherwise prompt
} else if ([[challenge protectionSpace] authenticationMethod] == /* your supported authentication method here */) {
[[challenge sender] useCredential:/* your user's credential */ forAuthenticationChallenge:challenge];
}
It's not an error if you don't get both authentication challenges each time. You can cache credentials when you create them. If you do, you won't necessarily be prompted again.
这篇关于NSURLConnection,NSURLRequest,不受信任的证书和用户认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!