我在 iOS 编程中遇到一些身份验证问题。我有一个代码可以完美地针对 Windows 2003 上的 IIS6,但不适用于带有 IIS7 的 Windows Server 2008。两台服务器上的安全选项相同(无匿名访问和“集成 Windows 身份验证”)。
这是“didReceiveAuthenticationChallenge”委托(delegate)的代码:
-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:
(NSURLAuthenticationChallenge *)challenge
{
//USE STORED CREDENTIALS
Credentials* cred = [[Credentials alloc] init];
NSString* userName = cred.userName;
NSString* pass = cred.pass;
NSString* authMethod = [[challenge protectionSpace] authenticationMethod];
//Kerberos (Negotiate) needs "user@realm" as username
//NTLM Needs domain\\username
if ([authMethod isEqualToString:NSURLAuthenticationMethodNTLM]) {
userName = [NSString stringWithFormat:@"%@%@", @"es\\" , userName];
}
if ([authMethod isEqualToString:NSURLAuthenticationMethodNegotiate]) {
userName = [NSString stringWithFormat:@"%@%@", userName, @"@subdomain.domain.com"];
}
NSLog(@"Auth method in use: %@" , authMethod);
NSLog(@"User: %@" , userName);
NSLog(@"Pass: %@" , pass);
if ([challenge previousFailureCount] <= 1) {
NSLog(@"received authentication challenge");
NSURLCredential *credential;
credential = [NSURLCredential
credentialWithUser:userName
password:pass
persistence:NSURLCredentialPersistenceForSession];
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
}
else {
NSLog(@"Authentication error");
NSLog(@"Failed login with status code: %d", [(NSHTTPURLResponse*)[challenge failureResponse]statusCode]);
[[challenge sender] cancelAuthenticationChallenge:challenge];
}
最佳答案
最后,我找到了错误...问题与 Windows 2008 IIS7 服务器上的身份验证方法有关。
当您使用“集成 Windows 身份验证”时,服务器可以使用 NTLM 或 Kerberos。我的 2008 服务器总是使用 kerberos,即使这些机器上没有配置 Kerberos。
解决方案是编辑 IIS 元数据库以强制执行 NTML 身份验证。
关于针对 IIS7 和 Windows 2008 的 iOS "didReceiveAuthenticationChallenge",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/11986206/