针对IIS7和Windows 2008的iOS“didReceiveAuthenticationChallenge”

我在iOS编程中遇到了一些身份验证问题.我有一个代码在
Windows 2003上完美地对抗IIS6,但在带有IIS7的Windows Server 2008上不起作用.两台服务器上的安全选项相同(无匿名访问和“集成Windows身份验证”).

这是“didReceiveAuthenticationChallenge”委托的代码:

-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:
(NSURLAuthenticationChallenge *)challenge 
{
//USE STORED CREDENTIALS
Credentials* cred = [[Credentials alloc] init];
NSString* userName = cred.userName;
NSString* pass = cred.pass;

NSString* authMethod = [[challenge protectionSpace] authenticationMethod];

//Kerberos (Negotiate) needs "user@realm" as username
//NTLM Needs domain\\username
if ([authMethod isEqualToString:NSURLAuthenticationMethodNTLM]) {
    userName = [NSString stringWithFormat:@"%@%@", @"es\\" , userName];
}
if ([authMethod isEqualToString:NSURLAuthenticationMethodNegotiate]) {
    userName = [NSString stringWithFormat:@"%@%@", userName, @"@subdomain.domain.com"];
}

NSLog(@"Auth method in use: %@" , authMethod);
NSLog(@"User: %@" , userName);
NSLog(@"Pass: %@" , pass);

if ([challenge previousFailureCount] <= 1) {
    NSLog(@"received authentication challenge");
    NSURLCredential *credential;
    credential = [NSURLCredential 
                     credentialWithUser:userName 
                     password:pass
                     persistence:NSURLCredentialPersistenceForSession];        

    [[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];

}
else {
    NSLog(@"Authentication error");
    NSLog(@"Failed login with status code: %d", [(NSHTTPURLResponse*)[challenge failureResponse]statusCode]);
    [[challenge sender] cancelAuthenticationChallenge:challenge];   
}   

}

最佳答案 最后,我发现了错误…问题与Windows 2008 IIS7服务器上的身份验证方法有关.

使用“集成Windows身份验证”时,服务器可以使用NTLM或Kerberos.我的2008服务器总是使用kerberos,即使这些机器上没有配置Kerberos.

解决方案是编辑IIS Metabase以强制NTML身份验证.

点赞