ios https 和基本身份验证和 post 请求
我试图让上述三个功能正常工作,但有些东西没有点击。具体来说,身份验证请求在看起来应该被触发时却没有被触发。根据我在这里读到的内容,相关部分是:
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
NSLog(@"protection space");
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
NSLog(@"auth challenge");
NSInteger count = [challenge previousFailureCount];
if (count > 0)
{
NSLog(@"count > 0");
NSObject<ServiceDelegate> *delegate = [currentRequest delegate];
[[challenge sender] cancelAuthenticationChallenge:challenge];
if ([delegate respondsToSelector:@selector(wrapperHasBadCredentials:)])
{
[delegate rbService:self wrapperHasBadCredentials:self];
}
return;
}
NSArray *trustedHosts = [[NSArray alloc] initWithObjects:@"myserver", nil];
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
{
NSLog(@"server trust");
if ([trustedHosts containsObject:challenge.protectionSpace.host])
{
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
}
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
else
{
NSLog(@"credentials");
NSURLCredential* credential = [[[NSURLCredential alloc] initWithUser:@"xxx" password:@"xxx" persistence:NSURLCredentialPersistenceForSession] autorelease];
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
}
}
目标服务器设置了两个 URL,一个 HTTPS 和一个 HTTP,两者都使用基本身份验证提示输入用户名/密码。我已经使用 Firefox 检查了目标服务器,一切似乎都按照广告进行。目标服务器使用不受信任的证书,但我想我已经在代码中解决了这个问题。也许不是。
应用程序中的具体行为:
使用 HTTP 时,日志显示:
日志-保护空间
(然后返回 401 代码)
使用 HTTPS 时:
日志-保护空间
日志 - 身份验证挑战
日志 - 服务器信任
日志-保护空间
(然后返回 401 代码)
在第一个实例中,它到达 canAuthenticate... 部分,返回,但随后不询问身份验证,并返回 401 响应。
在第二个实例中,它执行了所有这些操作,实际上执行了质询,然后再次转到 canAuthenticate... 部分,返回,并返回 401 响应。
请记住,该请求是 POST 请求,包含标头和 HTTPBody。身份验证不包含在标头中(我宁愿不这样做),但如果没有其他解决方案,我会尝试这种方式。
一如既往,非常感谢您的帮助。这是无价的。
I'm trying to get the three above working properly, and something is not clicking. Specifically, the authentication request is not being triggered when it appears it should be. According to what I've read here, the relevant pieces are:
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
NSLog(@"protection space");
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
NSLog(@"auth challenge");
NSInteger count = [challenge previousFailureCount];
if (count > 0)
{
NSLog(@"count > 0");
NSObject<ServiceDelegate> *delegate = [currentRequest delegate];
[[challenge sender] cancelAuthenticationChallenge:challenge];
if ([delegate respondsToSelector:@selector(wrapperHasBadCredentials:)])
{
[delegate rbService:self wrapperHasBadCredentials:self];
}
return;
}
NSArray *trustedHosts = [[NSArray alloc] initWithObjects:@"myserver", nil];
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
{
NSLog(@"server trust");
if ([trustedHosts containsObject:challenge.protectionSpace.host])
{
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
}
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
else
{
NSLog(@"credentials");
NSURLCredential* credential = [[[NSURLCredential alloc] initWithUser:@"xxx" password:@"xxx" persistence:NSURLCredentialPersistenceForSession] autorelease];
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
}
}
The target server is set up for two URLS, one HTTPS and one HTTP, both of which prompt for username/password using basic authentication. I've checked the target server using firefox and everything seems to work as advertised. The target server uses an untrusted cert, but I thought I'd taken care of that in the code. Maybe not.
The specific behavior in the application:
When using HTTP the log reads:
log - protection space
(then returns 401 code)
When using HTTPS:
log - protection space
log - auth challenge
log - server trust
log - protection space
(then returns a 401 code)
In the first instance, it gets to the canAuthenticate... section, returns, but then doesn't challenge for the authentication, and returns a 401 response.
In the second instance, it does all that, actually does challenge, then goes to the canAuthenticate... section again, returns, and returns a 401 response.
Keep in mind that the request is a POST request, complete with headers and an HTTPBody. The authentication is not included in the headers (I would rather not do that), but if there is no other solution I will try things that way.
As always, thank you very much for the help. It's priceless.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
看起来这里的答案必须与 POST 请求一起发送身份验证。我认为质询/响应过程会以某种方式自行将这些标头添加到请求中,但显然不是。
It looks like the answer here has to be sending the authentication along with the POST request. I was thinking that the challenge/response process would somehow add those headers to the request by itself, but apparently not.