4

我在 iOS 编程中遇到了一些身份验证问题。我有一个代码可以在 Windows 2003 上完美地对抗 IIS6,但不能在带有 IIS7 的 Windows Server 2008 上工作。两台服务器上的安全选项相同(无匿名访问和“集成 Windows 身份验证”)。

这是“didReceiveAuthenticationChallenge”委托的代码:

-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:
(NSURLAuthenticationChallenge *)challenge 
{
//USE STORED CREDENTIALS
Credentials* cred = [[Credentials alloc] init];
NSString* userName = cred.userName;
NSString* pass = cred.pass;

NSString* authMethod = [[challenge protectionSpace] authenticationMethod];

//Kerberos (Negotiate) needs "user@realm" as username
//NTLM Needs domain\\username
if ([authMethod isEqualToString:NSURLAuthenticationMethodNTLM]) {
    userName = [NSString stringWithFormat:@"%@%@", @"es\\" , userName];
}
if ([authMethod isEqualToString:NSURLAuthenticationMethodNegotiate]) {
    userName = [NSString stringWithFormat:@"%@%@", userName, @"@subdomain.domain.com"];
}

NSLog(@"Auth method in use: %@" , authMethod);
NSLog(@"User: %@" , userName);
NSLog(@"Pass: %@" , pass);

if ([challenge previousFailureCount] <= 1) {
    NSLog(@"received authentication challenge");
    NSURLCredential *credential;
    credential = [NSURLCredential 
                     credentialWithUser:userName 
                     password:pass
                     persistence:NSURLCredentialPersistenceForSession];        

    [[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];

}
else {
    NSLog(@"Authentication error");
    NSLog(@"Failed login with status code: %d", [(NSHTTPURLResponse*)[challenge failureResponse]statusCode]);
    [[challenge sender] cancelAuthenticationChallenge:challenge];   
}

}

4

1 回答 1

2

最后,我发现了这个错误......问题与Windows 2008 IIS7 Servers上的身份验证方法有关。

当您使用“集成 Windows 身份验证”时,服务器可以使用 NTLM 或 Kerberos。我的 2008 服务器总是使用 kerberos,即使这些机器上没有配置 Kerberos。

解决方案是编辑 IIS 元数据库以强制 NTML 身份验证。

于 2012-08-17T13:02:01.837 回答