Android post request on IOS

Question

I'm trying to port an Android app to IOS platform. I get data from a service located in an Apache Tomcat server and recently they added security on the service. The security overview is

1. https simple request
2. if(valid_user)->service returns data
3. else->service returns login form ->post credentials->service returns data

The Android version work without problem. Before security was added I was performing simple http request but now I need to do a POST request with my credentials and I allways receive error.html as result. I'm far from being expert on network programming.

This is the Android http client setup code:

if(httpClient==null)
{
 DefaultHttpClient client = new DefaultHttpClient();

 KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
 trustStore.load(null, null);
 SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
 sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
 SchemeRegistry registry = new SchemeRegistry();
 registry.register(new Scheme("https", sf, 8443));

 mgr = new ThreadSafeClientConnManager(client.getParams(), registry);
 int timeoutConnection = 5000;
 HttpConnectionParams.setConnectionTimeout(client.getParams(), timeoutConnection);
 // Set the default socket timeout (SO_TIMEOUT) 
 // in milliseconds which is the timeout for waiting for data.
 int timeoutSocket = 7000;
 HttpConnectionParams.setSoTimeout(client.getParams(), timeoutSocket);
 httpClient = new DefaultHttpClient(mgr, client.getParams());
}

And this is MySSLSocketFactory class:

public class MySSLSocketFactory extends SSLSocketFactory {
    SSLContext sslContext = SSLContext.getInstance("TLS");

    public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(truststore);

        TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };

        sslContext.init(null, new TrustManager[] { tm }, null);
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
        return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
    }

    @Override
    public Socket createSocket() throws IOException {
        return sslContext.getSocketFactory().createSocket();
    }
}

This is the POST request code for Android (it is working OK):

...
HttpPost httpost = new HttpPost(host+"/serviceName/j_security_check"); 
List<BasicNameValuePair> nvps = new ArrayList<BasicNameValuePair>();
nvps.add(new BasicNameValuePair("j_username", userName));
nvps.add(new BasicNameValuePair("j_password", userPassword));

try {
     httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
    } 
catch (UnsupportedEncodingException e) {
    // TODO Auto-generated catch block
                e.printStackTrace();
}

try {
     httpResponse = httpClient.execute(httpost);
} catch (ClientProtocolException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
} catch (IOException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
}
entity = httpResponse.getEntity();
...

I have tried several ways but allways with the same result. I only add code that I think is remarkable:

-(void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
  NSURLCredential *credential=[NSURLCredential credentialWithUser:self.userName password:self.userpassword persistence:NSURLCredentialPersistenceForSession];
   [[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
}

In the method where the POST request is defined:

{
...
NSString *urlstr=[NSString stringWithFormat:@"%@%@",host,@"serviceName/j_security_check"];
NSURL *url=[[NSURL alloc]initWithString:urlstr];
NSMutableURLRequest *request=[NSMutableURLRequest requestWithURL:url];
NSString *params=[[NSString alloc]initWithFormat:@"j_username=my_userName&j_userpassword=my_userPassword"];
[request setHTTPMethod:@"POST"];
[request setHTTPBody:[params dataUsingEncoding:NSUTF8StringEncoding]];
[[NSURLConnection alloc]initWithRequest:request delegate:self];
}

I have been searching for a valid POST request on the web but none has been usefull...

If you need more info please ask for it

Your help is apreciated.

EDIT: I changed willSendRequestForAuthenticationChallenge delegate because with the previous one I don't get the login.html form.

EDIT: I added http client setup code from android. Now the method posting data looks similar to @MTahir answer but I still get the error.html, which means (I think) that the POST method is working ok but the data isn't encripted the correct way.

Answer 1

If you are looking for a working piece of code that posts data, then try this, I have using this, it works great.

It takes the data to be sent in dictionary object. Ecodes the data to be sent as POST and then returns the response (if you want the results in string format you can use [[NSString alloc] initWithData:dresponse encoding: NSASCIIStringEncoding]; when returning data)

-(NSData*) postData:(NSDictionary *) postDataDic{

NSData *dresponse = [[NSData alloc] init];

NSURL *nurl = [NSURL URLWithString:url];
NSDictionary *postDict = [[NSDictionary alloc] initWithDictionary:postDataDic];
NSData *postData = [self encodeDictionary:postDict];

// Create the request
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:nurl];
[request setHTTPMethod:@"POST"]; // define the method type
[request setValue:[NSString stringWithFormat:@"%d", postData.length] forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded charset=utf-8" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];

    // Peform the request
    NSURLResponse *response;
    NSError *error = nil;

    dresponse = [NSURLConnection sendSynchronousRequest:request  
                                                 returningResponse:&response
                                                             error:&error];

return dresponse;
}

This method prepares the Dictionary data for POST

  - (NSData*)encodeDictionary:(NSDictionary*)dictionary {
    NSMutableArray *parts = [[NSMutableArray alloc] init];
    for (NSString *key in dictionary) {
        NSString *encodedValue = [[dictionary objectForKey:key] stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
        NSString *encodedKey = [key stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]; 
        NSString *part = [NSString stringWithFormat: @"%@=%@", encodedKey, encodedValue];
        [parts addObject:part];
    }
    NSString *encodedDictionary = [parts componentsJoinedByString:@"&"];
    return [encodedDictionary dataUsingEncoding:NSUTF8StringEncoding];
}

If you have any confusion do let me know.