基本访问身份验证

时间:2016-04-21 09:53:30

标签: ios objective-c https

我无法从服务器获取有关用户的信息。

因为我使用这些:

用户:" username@company.com"

传递:" 1234abcd"

主持人:" www.host.com"

https://username@company.com:1234abcd@www.host.com/user.xml

NSData * returnData = [NSURLConnection sendSynchronousRequest:request returningResponse:& response error:& errorServer];

出错我有这个

Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9847, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7f9c7be02f50 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://username@company.com:1234abcd@www.host.com/user.xml, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9847, _kCFStreamPropertySSLClientCertificateState=0, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://username@company.com:1234abcd@www.host.com/user.xml, _kCFStreamErrorCodeKey=-9847}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://username@company.com:1234abcd@www.host.com/user.xml, NSErrorFailingURLStringKey=https://username@company.com:1234abcd@www.host.com/user.xml, _kCFStreamErrorDomainKey=3}

根据维基百科的文章https://en.wikipedia.org/wiki/Basic_access_authentication 网址模板看起来不错

  

网址编码   通过将用户名:password @添加到URL中的主机名,客户端可以在访问基本访问身份验证时避免登录提示。例如,以下内容将使用安全HTTPS协议访问网站www.example.com上的页面index.html,并通过基本授权提供用户名Aladdin和密码OpenSesame凭据:

https://Aladdin:OpenSesame@www.example.com/index.html

是的,我设置了#34;应用传输安全设置" 

<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>

我做错了什么?

4 个答案:

答案 0 :(得分:0)

尝试此操作可能对您有所帮助 - 在info.plist文件

中添加 
<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>uservoice.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>

答案 1 :(得分:0)

您可以尝试以下两种方法之一,然后在此处发布日志,以便我们调查并为您提供帮助。

- (void)approach1 {
    NSString *host = @"https://www.host.com";
    NSURL *url = [NSURL URLWithString:host];

    NSString *userName = @"username@company.com";
    NSString *password = @"1234abcd";

    NSString *credentialString = [NSString stringWithFormat:@"%@:%@", userName, password];
    NSString *basicAuthString = [NSString stringWithFormat:@"Basic %@", [[credentialString dataUsingEncoding:NSUTF8StringEncoding] base64EncodedStringWithOptions:0]];

    NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url];
    [request setValue:basicAuthString forHTTPHeaderField:@"Authorization"];

    [[NSURLSession sharedSession] dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {

    }];
}

- (void)approach2 {
    NSString *host = @"https://www.host.com";
    NSURL *url = [NSURL URLWithString:host];

    NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url];

    NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration] delegate:self delegateQueue:nil];
    [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {

    }];
}

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
 completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * __nullable credential))completionHandler {
    NSString *userName = @"username@company.com";
    NSString *password = @"1234abcd";
    NSURLCredential *cred = [NSURLCredential credentialWithUser:userName password:password persistence:NSURLCredentialPersistenceNone];
    completionHandler(NSURLSessionAuthChallengeUseCredential, cred);
}

答案 2 :(得分:0)

当您的服务器的SSL证书已过期或缺少根CA时,也会显示此错误。

在这些网站上查看服务器的SSL证书:

https://www.sslshopper.com/ssl-checker.html

https://www.digicert.com/help/

答案 3 :(得分:0)

所以,我找到了解决方案

我遇到了缓存冲突。 为此之前调用用户的第二次信息我们必须为清理NSURLCredentialStorage和Cache

执行此操作 
- (void)clearCacheAndCookies

{     NSDictionary * credentialsDict = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials]; 

if ([credentialsDict count] > 0)
{
    // the credentialsDict has NSURLProtectionSpace objs as keys and dicts of userName => NSURLCredential
    NSEnumerator *protectionSpaceEnumerator = [credentialsDict keyEnumerator];
    id urlProtectionSpace;

    // iterate over all NSURLProtectionSpaces
    while (urlProtectionSpace = [protectionSpaceEnumerator nextObject])
    {
        NSEnumerator *userNameEnumerator = [[credentialsDict objectForKey:urlProtectionSpace] keyEnumerator];
        id userName;

        // iterate over all usernames for this protectionspace, which are the keys for the actual NSURLCredentials
        while (userName = [userNameEnumerator nextObject])
        {
            NSURLCredential *cred = [[credentialsDict objectForKey:urlProtectionSpace] objectForKey:userName];
            [[NSURLCredentialStorage sharedCredentialStorage] removeCredential:cred forProtectionSpace:urlProtectionSpace];
        }
    }
}

NSHTTPCookieStorage *cookies = [NSHTTPCookieStorage sharedHTTPCookieStorage];
NSArray *radioBookMarkCookies = [cookies cookiesForURL:[NSURL URLWithString:@"serverURL"]];
for (NSHTTPCookie* cookie in radioBookMarkCookies)
{
    [cookies deleteCookie:cookie];
}

}

相关问题
最新问题