NSURLConnection - 禁用身份验证质询响应机制 [英] NSURLConnection - Disable the authentication challenge response mechanism

问题描述

情况

• 使用AFNetworking（NSURLConnection）访问我的服务器API


• API需要基本身份验证，令牌为用户名


• 当令牌无效时，API返回HTTP 401


• 我设置了基本身份验证标头在任何请求之前



• 如果它返回401，我会重试如下：

• Using AFNetworking (NSURLConnection) to access my server API
• The API needs Basic Authentication with token as username
• The API returns HTTP 401 when token is invalid
• I set the Basic Authentication headers before any request

• If it returns 401, I retry like this:

AFHTTPRequestOperation *requestOperation = [MyHTTPClient.sharedClient HTTPRequestOperationWithRequest:request success:^(AFHTTPRequestOperation *operation, id responseObject) {
    processSuccessBlock(operation, responseObject);
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
    processFailureBlock(operation, error);

    if (operation.response.statusCode == 401)
        [MyHTTPClient.sharedClient refreshTokenAndRetryOperation:operation success:processSuccessBlock failure:processFailureBlock];
}];

问题

• 当服务器返回带有基本身份验证质询的HTTP 401时，AFNetworking / NSURLConnection 发送相同的请求两次（初始值）请求，然后回答身份验证质询）


• 但由于上面的代码我自己处理HTTP 401，这完全没必要，我想要它停止自动回答身份验证质询

• When the server returns HTTP 401 with a Basic Authentication challenge, AFNetworking/NSURLConnection sends the identical request twice (initial request and then in answer to the authentication challenge)
• But because of the code above that I handle the HTTP 401 myself, this is totally unnecessary and I want it to stop answering the authentication challenge automatically

我做了什么

• 回复 cancelAuthenticationChallenge：到 willSendRequestForAuthenticationChallenge：正在中止第二次调用，但它给出错误代码-1012（NSURLErrorUserCancelledAuthentication）而不是401并掩盖真实的回复

• Responding with cancelAuthenticationChallenge: to willSendRequestForAuthenticationChallenge: is aborting the second call, but it gives the error code -1012 (NSURLErrorUserCancelledAuthentication) instead of 401 and masks the real response

怎么做您禁用身份验证质询响应机制，以便获得服务器响应没有调用两次？

推荐答案

您有几个选项可以完全自定义身份验证处理：

You have a few of options to fully customize the authentication handling:

1. 利用 setWillSendRequestForAuthenticationChallengeBlock：和 setAuthenticationAgainstProtectionSpaceBlock： 来自类 AFURLConnectionOperation 并设置相应的块，您可以在其中定制所需的机制。

1. Utilize setWillSendRequestForAuthenticationChallengeBlock: and setAuthenticationAgainstProtectionSpaceBlock: from class AFURLConnectionOperation and set corresponding blocks where you can tailor the mechanism you require.

标题包含文档。

在<$ c $的子类中覆盖 connection：willSendRequestForAuthenticationChallenge： C> AFURLConnectionOperation 。这将有效地覆盖AFNetworking中的完整身份验证机制设置。

Override connection:willSendRequestForAuthenticationChallenge: in a subclass of AFURLConnectionOperation. This will effectively override the complete authentication mechanism setup in AFNetworking.

注意，您无法禁用服务器验证客户端身份身份验证挑战 - 这是服务器的一部分。您必须为所请求的身份验证方法提供正确的凭据。

Note, that you cannot disable the "server validates client identity" authentication challenge -- this is part of the server. You MUST provide the correct credentials for the requested authentication method.

这篇关于NSURLConnection - 禁用身份验证质询响应机制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！