Basic Authentication failures with iOS 8

Question

I have an iOS app that interacts with a server running Rails, and has been stable and reliable for 3 years. The server requires Basic and SSL certification, and this has been working perfectly fine right up to and including iOS 7.

However, I am now seeing authentication issues with devices running iOS 8. Devices / simulators running < iOS 8 continue to work fine.

On app initialization, there is a flurry of data requests to sync with the server that need to pass Basic authentication.

These result in the following delegate method being called,

willSendRequestForAuthenticationChallenge

...and the problem occurs because these are being challenged endlessly - the code deliberately fails on the second try when [challenge previousFailureCount] > 0 (the code path follows standard practice by calling cancelAuthenticationChallenge if the previousFailureCount > 0) - see below.

I've logged the challenge ids, and these are different across each challenge, even when the previousFailureCount > 0.

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{

    if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic])
    {   
        if ([challenge previousFailureCount] == 0)
        {
            NSURLCredential *newCredential;

            newCredential = [NSURLCredential credentialWithUser:MY_USERNAME
                            password:MY_PASSWORD
                            persistence:NSURLCredentialPersistenceForSession]; // Retain for rest of session

            [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
        }
        else
        {
            [[challenge sender] cancelAuthenticationChallenge:challenge];

            // ...error will be handled by connection didFailWithError
        }
    }
}

If I knock out the call to check the previousFailureCount, there are endless invocations of the challenge method.

However, once this flurry of failures has failed, the subsequent and later 'individual' NSUrlRequests are successfully authenticated.

Again, this problem is specific to iOS 8. Any ideas why a 'fast' succession of authentication requests would fail in iOS 8, but work in iOS 7?

Thanks.

Answer 1

In case you are not handling the authentication method (NSURLAuthenticationMethodHTTPBasic) you must invoke one of these methods anyway:

useCredential:forAuthenticationChallenge:

continueWithoutCredentialForAuthenticationChallenge:

cancelAuthenticationChallenge:

performDefaultHandlingForAuthenticationChallenge:

rejectProtectionSpaceAndContinueWithChallenge:

If you want to ignore a certain authentication method you preferable might want to invoke performDefaultHandlingForAuthenticationChallenge:.

See also: connection:willSendRequestForAuthenticationChallenge: