objective c - iOS useCredential: forAuthenticationChallenge is not using given credentials -
i have unusual use case , apple's usecredential:forauthenticationchallenge can't cope (or maybe it's me?).
the issue is, making 2 consecutive connections (the second called after first 1 has been completed) each different credentials (different client certificate):
[[nsurlconnection alloc] initwithrequest:request delegate:self startimmediately:yes];
urls of requests are:
https://my.url.com/ws/service1 https://my.url.com/ws/service2
then implement delegate's method:
- (void)connection:(nsurlconnection *)connection willsendrequestforauthenticationchallenge:(nsurlauthenticationchallenge *)challenge { if ([challenge previousfailurecount] != 0) { [[challenge sender] cancelauthenticationchallenge:challenge]; } nsurlcredential *newcredential = nil; nsurlprotectionspace *protectionspace = [challenge protectionspace]; if ([protectionspace.authenticationmethod isequaltostring:nsurlauthenticationmethodclientcertificate]) { if (isfirstrequest) { [[challenge sender] usecredential:credentials1 forauthenticationchallenge:challenge]; } else { [[challenge sender] usecredential:credentials2 forauthenticationchallenge:challenge]; } } }
credentials created identity (persistence flag has no effect whatsoever):
nsurlcredential* credential = [nsurlcredential credentialwithidentity:identityref certificates:certificates persistence:nsurlcredentialpersistencenone];
i'm sure both credentials valid , should working. first call successful. after when second request made, willsendrequestforauthenticationchallenge
method called , correct usecredential:forauthenticationchallange
called not change credentials , first ones used anyway!
from documentation of - usecredential:forauthenticationchallenge:
attempt use given credential given authentication challenge. (required) method has no effect if called authentication challenge has been handled.
is there way check if challenge has been handled or reset challenge system not use cached credentials?
i tried erase cached credentials code below (from so) returned 0 credentials:
- (void)erasecredentials { nsstring *urlstring = @"my.url.com"; nsurlcredentialstorage *credentialsstorage = [nsurlcredentialstorage sharedcredentialstorage]; nsdictionary *allcredentials = [credentialsstorage allcredentials]; if ([allcredentials count] > 0) { (nsurlprotectionspace *protectionspace in allcredentials) { if ([[protectionspace host] isequaltostring:urlstring]) { nsdictionary *credentials = [credentialsstorage credentialsforprotectionspace:protectionspace]; (nsstring *credentialkey in credentials) { [credentialsstorage removecredential:[credentials objectforkey:credentialkey] forprotectionspace:protectionspace]; } } } } }
note: tried add . or # after url mentioned in tls session cache or here @ stackoverflow don't think that's issue here because willsendrequestforauthenticationchallenge
called correctly multiple times expected...jest given credentials doesn't work.
update: request being built follows:
nsmutableurlrequest *request = [nsmutableurlrequest requestwithurl:[self resourceurlwithname:name] cachepolicy:nsurlrequestreloadignoringcachedata timeoutinterval:30]; [request sethttpshouldhandlecookies:no];
previously only:
nsmutableurlrequest *request = [nsmutableurlrequest requestwithurl:[self resourceurlwithname:name]];
but there no change in behaviour.
update 2: in end wasn't issue usecredential:forauthenticationchallenge: issue identities. 1 used seemed ok wasn't. see answer in this question
implement below delegate method
- (bool)connectionshouldusecredentialstorage:(nsurlconnection *)connection { return no; }
Comments
Post a Comment