CODEWITHSUNDEEP
iphoneobjective-chttps
user552120
user552120

Reputation:

IOS https authentication

I want my application to authenticate against appliance i.e passing username and password over https.

I looked at few examples and basically build the following:

-(void)authentication
{
    //setting the string of the url taking from appliance IP.
    NSString *urlString =[NSString 
                          stringWithFormat:
                          @"http://%@",appliance_IP.text];
    //define the url with the string
    NSURL *url = [NSURL URLWithString:urlString];

    //creating request
    NSURLRequest *request = [NSURLRequest requestWithURL:url];

    //setting credential taking from the username and password field
    NSURLCredential *credential = [NSURLCredential credentialWithUser:username.text password:password.text persistence:NSURLCredentialPersistenceForSession];


    NSURLProtectionSpace *protectionSpace=
    [[NSURLProtectionSpace alloc]initWithHost:urlString port:443 protocol:@"https" realm:nil authenticationMethod:nil ];


    [[NSURLCredentialStorage sharedCredentialStorage] setDefaultCredential:credential forProtectionSpace:protectionSpace];

    [ NSURLConnection sendSynchronousRequest:request returningResponse:NULL error:NULL];

}

AS I use examples which I took I need some more understanding, NSURLConnection in the example above does not contain the username and password how do I add it ? so the request will also contain username and password or maybe there is better to pass that information. Currently the request only contain the url string.

Thanks ER

Upvotes: 5

Views: 8602

Answers (2)

Snips
Snips

Reputation: 6773

When making a request requiring authentication, you will receive a callback to didReceiveAuthenticationChallenge, which you handle as follows:

-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
   if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
   {
       if ([challenge.protectionSpace.host isEqualToString:MY_PROTECTION_SPACE_HOST])
       {
           [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
       }

       [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
   }
   else if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic])
   {
      if ([challenge previousFailureCount] == 0)
      {
          NSURLCredential *newCredential;

          newCredential = [NSURLCredential credentialWithUser:MY_USERNAME
                        password:MY_PASSWORD
                        persistence:NSURLCredentialPersistenceForSession];

          [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
      }
      else
      {
          [[challenge sender] cancelAuthenticationChallenge:challenge];

          // inform the user that the user name and password
          // in the preferences are incorrect

          NSLog (@"failed authentication");

          // ...error will be handled by connection didFailWithError
      }
  }
}

Upvotes: 8

Dmitry
Dmitry

Reputation: 7350

You must use NSURLConnectionDelegate delegate to handle NSURLConnection events.

For authentication there are two delegates methods:connection:canAuthenticateAgainstProtectionSpace: and connection:didReceiveAuthenticationChallenge:

See examples in URL Loading System Programming Guide

Upvotes: 0

Related Questions