Graphics Programs Reference
In-Depth Information
For the More Curious: Credentials
When you try to access a web service, it will sometimes respond with an
authentication
challenge
, which means “Who the heck are you?” You then need to send a username and
password (a
credential
) before the server will send its genuine response.
There are objects that represent these ideas. When the challenge is received, your connec-
tion delegate is sent a message that includes an instance of
NSURLAuthentica-
tionChallenge
. The sender of that challenge conforms to the
NSURLAuthentica-
tionChallengeSender
protocol. If you want to continue to get the data, you send
back an instance of
NSURLCredential
, which typically looks something like this:
- (void)connection:(NSURLConnection *)conn
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
// Have I already failed at least once?
if ([challenge previousFailureCount] > 0) {
// Why did I fail?
NSError *failure = [challenge error];
NSLog(@"Can't authenticate: %@", [error localizedDescription]);
// Give up
[[challenge sender] cancelAuthenticationChallenge:challenge];
return;
}
// Create a credential
NSURLCredential *newCred =
[NSURLCredential credentialWithUser:@"sid"
password:@"MomIsCool"
persistence:NSURLCredentialPersistenceNone];
// Supply the credential to the sender of the challenge
[[challenge sender] useCredential:newCred
forAuthenticationChallenge:challenge];
}
If you are dealing with a more secure and sophisticated web service, it may want a certific-
ate (or certificates) to confirm your identity. Most, however, will just want a username and
a password.
Credentials can have persistence. There are three possibilities:
•
NSURLCredentialPersistenceNone
says to the URL loading system,
“Forget this credential as soon as you use it.”
