Basic access authentication

0
votes

I can not get information about user from server.

for it i use these:

user: "[email protected]"

pass: "1234abcd"

host: "www.host.com"

https://[email protected]:[email protected]/user.xml

NSData *returnData = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&errorServer];

at error I have this

Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9847, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7f9c7be02f50 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://[email protected]:[email protected]/user.xml, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFNetworkCFStreamSSLErrorOriginalValue=-9847, _kCFStreamPropertySSLClientCertificateState=0, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFStreamErrorDomainKey=3, NSErrorFailingURLKey=https://[email protected]:[email protected]/user.xml, _kCFStreamErrorCodeKey=-9847}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://[email protected]:[email protected]/user.xml, NSErrorFailingURLStringKey=https://[email protected]:[email protected]/user.xml, _kCFStreamErrorDomainKey=3}

according to article of wikipedia https://en.wikipedia.org/wiki/Basic_access_authentication url template looks good

URL encoding A client may avoid a login prompt when accessing a basic access authentication by prepending username:password@ to the hostname in the url. For example, the following would access the page index.html at the web site www.example.com with the secure HTTPS protocol and provide the username Aladdin and the password OpenSesame credentials via basic authorization:

https://Aladdin:[email protected]/index.html

and yes i set "App Transport Security Settings"

<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>

What I do wrong?

4
iosobjective-chttps
You can't encode the usernam and password in the URL. You need to set the basic authentication headerPaulw11
in this case server give me wrong response (default data)Vit
Show the code where you are setting the headerPaulw11

4 Answers

0
votes

Try this it may help you- add this in info.plist File

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>uservoice.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>
0
votes

Could you try one of two approaches and then post the log here, so that we can investigate and help you.

- (void)approach1 {
    NSString *host = @"https://www.host.com";
    NSURL *url = [NSURL URLWithString:host];

    NSString *userName = @"[email protected]";
    NSString *password = @"1234abcd";

    NSString *credentialString = [NSString stringWithFormat:@"%@:%@", userName, password];
    NSString *basicAuthString = [NSString stringWithFormat:@"Basic %@", [[credentialString dataUsingEncoding:NSUTF8StringEncoding] base64EncodedStringWithOptions:0]];

    NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url];
    [request setValue:basicAuthString forHTTPHeaderField:@"Authorization"];

    [[NSURLSession sharedSession] dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {

    }];
}

- (void)approach2 {
    NSString *host = @"https://www.host.com";
    NSURL *url = [NSURL URLWithString:host];

    NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url];

    NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration] delegate:self delegateQueue:nil];
    [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {

    }];
}

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
 completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * __nullable credential))completionHandler {
    NSString *userName = @"[email protected]";
    NSString *password = @"1234abcd";
    NSURLCredential *cred = [NSURLCredential credentialWithUser:userName password:password persistence:NSURLCredentialPersistenceNone];
    completionHandler(NSURLSessionAuthChallengeUseCredential, cred);
}
0
votes

This error is also shown when your server's SSL certificate has expired or is missing a root CA.

Check your server's SSL certificate on these websites:

https://www.sslshopper.com/ssl-checker.html

https://www.digicert.com/help/

0
votes

so, I have found solution

I had conflict of cache. for this before call second time information of user we have to do this for clean NSURLCredentialStorage and Cache

- (void)clearCacheAndCookies

{ NSDictionary *credentialsDict = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials];

if ([credentialsDict count] > 0)
{
    // the credentialsDict has NSURLProtectionSpace objs as keys and dicts of userName => NSURLCredential
    NSEnumerator *protectionSpaceEnumerator = [credentialsDict keyEnumerator];
    id urlProtectionSpace;

    // iterate over all NSURLProtectionSpaces
    while (urlProtectionSpace = [protectionSpaceEnumerator nextObject])
    {
        NSEnumerator *userNameEnumerator = [[credentialsDict objectForKey:urlProtectionSpace] keyEnumerator];
        id userName;

        // iterate over all usernames for this protectionspace, which are the keys for the actual NSURLCredentials
        while (userName = [userNameEnumerator nextObject])
        {
            NSURLCredential *cred = [[credentialsDict objectForKey:urlProtectionSpace] objectForKey:userName];
            [[NSURLCredentialStorage sharedCredentialStorage] removeCredential:cred forProtectionSpace:urlProtectionSpace];
        }
    }
}

NSHTTPCookieStorage *cookies = [NSHTTPCookieStorage sharedHTTPCookieStorage];
NSArray *radioBookMarkCookies = [cookies cookiesForURL:[NSURL URLWithString:@"serverURL"]];
for (NSHTTPCookie* cookie in radioBookMarkCookies)
{
    [cookies deleteCookie:cookie];
}

}