> On Apr 20, 2015, at 5:22 AM, Quinn The Eskimo! <[email protected]> wrote:
>
> Having said that, you need to make sure you respond to the /right/
> challenges. An authentication challenge handler should always have this
> general structure:
>
> - (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task
> didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
> completionHandler:(...))completionHandler
> {
> if ([challenge.protectionSpace.authenticationMethod isEqual:xxx]) {
> ... handle the xxx challenge ...
> } else if ([challenge.protectionSpace.authenticationMethod isEqual:yyy]) {
> ... handle the yyy challenge ...
> } else {
> completionHandler(NSURLSessionAuthChallengePerformDefaultHandling,
> nil);
> }
> }
>
> That is, you should specifically look for the challenges you care about and
> handle those explicitly. If you get a challenge you don't care about,
> complete it with NSURLSessionAuthChallengePerformDefaultHandling.
Here’s what I got now:
> - (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task
> didReceiveChallenge:(NSURLAuthenticationChallenge
> *)challenge
> completionHandler:(void
> (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential
> *))completionHandler {
> if (self.usernameAndPassword &&
> ([challenge.protectionSpace.authenticationMethod
> isEqual:NSURLAuthenticationMethodDefault] ||
> [challenge.protectionSpace.authenticationMethod
> isEqual:NSURLAuthenticationMethodHTTPBasic] ||
> [challenge.protectionSpace.authenticationMethod
> isEqual:NSURLAuthenticationMethodHTTPDigest] ||
> [challenge.protectionSpace.authenticationMethod
> isEqual:NSURLAuthenticationMethodNTLM])) {
> // Password-based authentication
> completionHandler([challenge.proposedCredential
> isEqual:self.usernameAndPassword] ?
> NSURLSessionAuthChallengeRejectProtectionSpace :
> NSURLSessionAuthChallengeUseCredential, self.usernameAndPassword);
> } else {
> completionHandler(NSURLSessionAuthChallengePerformDefaultHandling,
> nil);
> }
> }
The URLs I’m testing on are: http://httpbin.org/basic-auth/hello/there and
http://httpbin.org/digest-auth/auth/hello/there
When creating a credential with username “hello” and password “there,” the
former URL succeeds (200) while the latter fails (401). It the “auth” in the
latter URL the right choice? (…Just tried “auth-init,” also doesn’t work.)
—
Daryle Walker
Mac, Internet, and Video Game Junkie
darylew AT mac DOT com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com
This email sent to [email protected]
