我在iOS编程中遇到了一些身份验证问题.我有一个代码在
Windows 2003上完美地对抗IIS6,但在带有IIS7的Windows Server 2008上不起作用.两台服务器上的安全选项相同(无匿名访问和“集成Windows身份验证”).
这是“didReceiveAuthenticationChallenge”委托的代码:
-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:
(NSURLAuthenticationChallenge *)challenge
{
//USE STORED CREDENTIALS
Credentials* cred = [[Credentials alloc] init];
NSString* userName = cred.userName;
NSString* pass = cred.pass;
NSString* authMethod = [[challenge protectionSpace] authenticationMethod];
//Kerberos (Negotiate) needs "user@realm" as username
//NTLM Needs domain\\username
if ([authMethod isEqualToString:NSURLAuthenticationMethodNTLM]) {
userName = [NSString stringWithFormat:@"%@%@", @"es\\" , userName];
}
if ([authMethod isEqualToString:NSURLAuthenticationMethodNegotiate]) {
userName = [NSString stringWithFormat:@"%@%@", userName, @"@subdomain.domain.com"];
}
NSLog(@"Auth method in use: %@" , authMethod);
NSLog(@"User: %@" , userName);
NSLog(@"Pass: %@" , pass);
if ([challenge previousFailureCount] <= 1) {
NSLog(@"received authentication challenge");
NSURLCredential *credential;
credential = [NSURLCredential
credentialWithUser:userName
password:pass
persistence:NSURLCredentialPersistenceForSession];
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
}
else {
NSLog(@"Authentication error");
NSLog(@"Failed login with status code: %d", [(NSHTTPURLResponse*)[challenge failureResponse]statusCode]);
[[challenge sender] cancelAuthenticationChallenge:challenge];
}
}
最佳答案 最后,我发现了错误…问题与Windows 2008 IIS7服务器上的身份验证方法有关.
使用“集成Windows身份验证”时,服务器可以使用NTLM或Kerberos.我的2008服务器总是使用kerberos,即使这些机器上没有配置Kerberos.
解决方案是编辑IIS Metabase以强制NTML身份验证.