用于IIS窗口身份验证的HTTP身份验证标头

I have a web site hosted on IIS with windows authentication. I am trying to access it in one of my iPhone web application. Presently i am using this code, but it is not working.

我有一个使用Windows身份验证在IIS上托管的网站。我试图在我的一个iPhone Web应用程序中访问它。目前我正在使用此代码,但它无法正常工作。

NSString *authString = [[[NSString stringWithFormat:@"%@:%@", @"myusername", @"mypassword"]dataUsingEncoding:NSUTF8StringEncoding] base64Encoding];

NSString * authString = [[[NSString stringWithFormat:@“%@:%@”,@“myusername”,@“mypassword”] dataUsingEncoding:NSUTF8StringEncoding] base64Encoding];

authString = [NSString stringWithFormat: @"Basic %@", authString];

**[requestObj setValue:authString forHTTPHeaderField:@"Authorization"];**

my web app is hosted with windows authentication. but here i am using basic. can any one post what is the correct http header for it.

我的网络应用程序托管与Windows身份验证。但在这里我使用的是基本的。可以任何人发布什么是正确的http标头。

Thanks..

4 个解决方案

#1

I think the main difference is you need to specify the domain you are authenticating against as well as the username and password. Something like this should work. I've used a synchronous request for brevity, ideally you should use an ASINetworkQueue or NSOperationQueue to perform the request.

我认为主要区别在于您需要指定要进行身份验证的域以及用户名和密码。这样的事情应该有效。为了简洁,我使用了同步请求,理想情况下,您应该使用ASINetworkQueue或NSOperationQueue来执行请求。

NSString *username = @"test";
NSString *password = @"test";
NSString *domain = @"test";
NSURL *url = [NSURL URLWithString:@"http://myurl"];
ASIHTTPRequest *request = [[[ASIHTTPRequest alloc] initWithURL:url] autorelease];
[request setUseSessionPersistence:YES];
[request setUsername:username];
[request setPassword:password];
[request setDomain:domain];
[request start];
if ([request error]) {
    if ([[request error] code] == ASIAuthenticationErrorType) {
        //Authentication failed
    }
} else {
    NSLog([request responseString]);
}

I don't have access to a Windows server to test this, but I have tested NTLM in the past so it should work... :)

我没有访问Windows服务器来测试这个,但我过去测试过NTLM,所以应该可以工作...... :)

#2

Windows authentication (NTLM) isn't as simple as basic authentication. NTLM requires more than one webrequest to negotiate the security so there isn't a static HTTP header you can send to log in.

Windows身份验证(NTLM)并不像基本身份验证那么简单。 NTLM需要多个webrequest来协商安全性,因此您不能发送静态HTTP头来登录。

#3

You can use the third-party ASIHTTPRequest library to perform NTLM over HTTP authentication.

您可以使用第三方ASIHTTPRequest库来执行NTLM over HTTP身份验证。

#4

I'm not 100% sure it supports NTLM Authentication but have you investigated the connection:didReceiveAuthenticationChallenge method on the NSUrlConnection?

我不是100%肯定它支持NTLM身份验证,但您是否已经调查了NSUrlConnection上的连接:didReceiveAuthenticationChallenge方法?

#1

NSString *username = @"test";
NSString *password = @"test";
NSString *domain = @"test";
NSURL *url = [NSURL URLWithString:@"http://myurl"];
ASIHTTPRequest *request = [[[ASIHTTPRequest alloc] initWithURL:url] autorelease];
[request setUseSessionPersistence:YES];
[request setUsername:username];
[request setPassword:password];
[request setDomain:domain];
[request start];
if ([request error]) {
    if ([[request error] code] == ASIAuthenticationErrorType) {
        //Authentication failed
    }
} else {
    NSLog([request responseString]);
}