English 中文(简体)
How to display the Authentication Challenge in UIWebView?
原标题:

I am trying to access a secure website through UIWebView. When I access it through safari, i get an authentication challenge but the same does not appear in my UIWebView in the application. How can I make it appear?

Any pointers, sample code or links will be very helpful. Thanks a lot.

最佳回答

It s actually super easy... I m sure you can just show a UIAlertView when the auth challenge delegate is shown (or prior to loading the URL, if you know for sure that the URL you re hitting will prompt for auth login info). Anyways, the trick is to create your own NSURLConnection and I do some logic to save whether the auth delegate has been used.

- (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType;
{
    NSLog(@"Did start loading: %@ auth:%d", [[request URL] absoluteString], _authed);

    if (!_authed) {
        _authed = NO;
        /* pretty sure i m leaking here, leave me alone... i just happen to leak sometimes */
        [[NSURLConnection alloc] initWithRequest:request delegate:self];
        return NO;
    }

    return YES;
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;
{
    NSLog(@"got auth challange");

    if ([challenge previousFailureCount] == 0) {
        _authed = YES;
        /* SET YOUR credentials, i m just hard coding them in, tweak as necessary */
        [[challenge sender] useCredential:[NSURLCredential credentialWithUser:@"username" password:@"password" persistence:NSURLCredentialPersistencePermanent] forAuthenticationChallenge:challenge];
    } else {
        [[challenge sender] cancelAuthenticationChallenge:challenge];
    }
}

- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response;
{
    NSLog(@"received response via nsurlconnection");

    /** THIS IS WHERE YOU SET MAKE THE NEW REQUEST TO UIWebView, which will use the new saved auth info **/

    NSURLRequest *urlRequest = [NSURLRequest requestWithURL:[NSURL URLWithString:]];

    [_webView loadRequest:urlRequest];
}

- (BOOL)connectionShouldUseCredentialStorage:(NSURLConnection *)connection;
{
    return NO;
}
问题回答

You can also provide your credentials in the url. Just add username and password between http:// and page url .

NSString *urlString = @"http://username:password@domain.com/home";
[webview loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:urlString]]];

as you know, UIWebView does not provide opportunities to communicate with the server. I solved this problem this way: in the delegate method shouldStartLoadWithRequest of UIWebView I initiating another connection with NSURLConnection, and already in the method of the delegate NSURLConnection didReceiveAuthenticationChallenge processed the сhallenge from the server. Аnd in the method didReceiveResponse (if the challenge came) then again in the same UIWebView load the same URL (challenge has already been processed:). Do not forget to cancel connection in didReceiveResponse, otherwise it will double the traffic.

if you are experiencing symptoms of what Zach described in the comments of Sahil s answer:

as y5h said as well, add `_authed = YES to the didReceiveResponse method which will stop the infinite looping. even if the auth wasnt successful you need to treat it as if it was authed so it will try continuing loading the page if no authentication is required, if authentication was really required, then it will just fail like normal.

for the second symptom where the shouldStartLoadWithRequest: fires multiple times (due to embedded content on the webpage) and it will just show the last thing that loaded and not the whole web page, do this:

in the shouldStartLoadWithRequest: method, add this to the top

if(webview.loading){ //if url requests come through while its loading, its probably embedded content
    return YES;
}

edit: this above method has issues if the page fully loads, and then loads more embedded content afterwards, breaks with facebook which is the only case ive seen so far

this will let urls through while the website is trying to load. im not sure if its safe to assume that every url after the initial request is embedded content, but for my purposes it seemed to work, so maybe it will for you as well.

also, use

- (void) connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge

because

connection:canAuthenticateAgainstProtectionSpace:
connection:didReciveAuthenticationChallenge:
connection:didCancelAuthenticationChallenge:

are depricated, and for me, you could not authenticate with https websites using them

I would like to suggest another answer using the following pod: https://github.com/jivesoftware/JiveAuthenticatingHTTPProtocol

It contains an example showing how to use a UIAlertView to ask the user for the password, and could easily be adapted to return a saved password from a local DB for instance.

Disclaimer: I am in no way affiliated with Jive nor have I ever been, this is just a suggestion of a tool that helped me after struggling for days on this.





相关问题
How to set response filename without forcing "save as" dialog

I am returning a stream in some response setting the appropriate content-type header. The behavior I m looking for is this: If the browser is able to render content of the given content type then it ...

Which Http redirects status code to use?

friendfeed.com uses 302. bit.ly uses 301. I had decided to use 303. Do they behave differently in terms of support by browsers ?

Does HttpWebRequest send 200 OK automatically?

Background: I am implementing Paypal IPN handler. This great article on Paypal states that I am required to send a 200 OK back to Paypal after I read the response. The processing of IPN request is ...

Java HTTPAUTH

我试图把桌面应用程序连接起来,我是同D.icio.us api @ Delicious Alan书写的,简单地向他们提供我的用户名和密码,并请他把书记上写给我......。

Finding out where curl was redirected

I m using curl to make php send an http request to some website somewhere and have set CURLOPT_FOLLOWLOCATION to 1 so that it follows redirects. How then, can I find out where it was eventually ...

热门标签