Home/ Questions/Q 6566085
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T14:10:28+00:00

I’m trying to get the three above working properly, and something is not clicking.

  • 0

I’m trying to get the three above working properly, and something is not clicking. Specifically, the authentication request is not being triggered when it appears it should be. According to what I’ve read here, the relevant pieces are:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
    NSLog(@"protection space");
    return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    NSLog(@"auth challenge");
    NSInteger count = [challenge previousFailureCount];
    if (count > 0)
    {
        NSLog(@"count > 0");
        NSObject<ServiceDelegate> *delegate = [currentRequest delegate];
        [[challenge sender] cancelAuthenticationChallenge:challenge];
        if ([delegate respondsToSelector:@selector(wrapperHasBadCredentials:)])
        {
            [delegate rbService:self wrapperHasBadCredentials:self];
        }
        return;
    }

    NSArray *trustedHosts = [[NSArray alloc] initWithObjects:@"myserver", nil];    
    if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
    {
        NSLog(@"server trust");
        if ([trustedHosts containsObject:challenge.protectionSpace.host])
        {
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
        }
        [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
    }
    else
    {
        NSLog(@"credentials");
        NSURLCredential* credential = [[[NSURLCredential alloc] initWithUser:@"xxx" password:@"xxx" persistence:NSURLCredentialPersistenceForSession] autorelease];
        [[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
    }

}

The target server is set up for two URLS, one HTTPS and one HTTP, both of which prompt for username/password using basic authentication. I’ve checked the target server using firefox and everything seems to work as advertised. The target server uses an untrusted cert, but I thought I’d taken care of that in the code. Maybe not.

The specific behavior in the application:

When using HTTP the log reads:
log – protection space
(then returns 401 code)

When using HTTPS:
log – protection space
log – auth challenge
log – server trust
log – protection space
(then returns a 401 code)

In the first instance, it gets to the canAuthenticate… section, returns, but then doesn’t challenge for the authentication, and returns a 401 response.

In the second instance, it does all that, actually does challenge, then goes to the canAuthenticate… section again, returns, and returns a 401 response.

Keep in mind that the request is a POST request, complete with headers and an HTTPBody. The authentication is not included in the headers (I would rather not do that), but if there is no other solution I will try things that way.

As always, thank you very much for the help. It’s priceless.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It looks like the answer here has to be sending the authentication along with the POST request. I was thinking that the challenge/response process would somehow add those headers to the request by itself, but apparently not.

    • 0