Re: Questions on when credentials are used in NSURLSessionDownloadTask

Mon, 20 Apr 2015 02:23:10 -0700 

On 19 Apr 2015, at 03:36, Daryle Walker <[email protected]> wrote:

> I was originally going to go with adding the username/password credential 
> inside the session configuration’s credential store [...]

Just FYI, I'd recommend against pre-populating the credential store.  IMO it's 
much better to respond to authentication challenges.

                   *                   *                   *

Having said that, you need to make sure you respond to the /right/ challenges.  
An authentication challenge handler should always have this general structure:

- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task 
    didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge 
    completionHandler:(...))completionHandler
{
    if ([challenge.protectionSpace.authenticationMethod isEqual:xxx]) {
        ... handle the xxx challenge ...
    } else if ([challenge.protectionSpace.authenticationMethod isEqual:yyy]) {
        ... handle the yyy challenge ...
    } else {
        completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
    }
}

That is, you should specifically look for the challenges you care about and 
handle those explicitly.  If you get a challenge you don't care about, complete 
it with NSURLSessionAuthChallengePerformDefaultHandling.

With regards the differences between FTP vs HTTP challenges, you can run into 
issues with the difference between NSURLAuthenticationMethodDefault and 
NSURLAuthenticationMethodHTTP{Basic,Digest}.  In general I recommend that you 
handle all the password-based challenges (NSURLAuthenticationMethodDefault, 
NSURLAuthenticationMethodHTTP{Basic,Digest,NTLML}) in the same branch of your 
authentication challenge handler method.

Share and Enjoy
--
Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      ([email protected])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com

This email sent to [email protected]

Reply via email to