IBM Domino服务器上的Swift 3 URLSession身份验证

Question

我是iOS开发的初学者。我想通过身份验证从IBM Domino服务器访问一些数据。代码只能返回服务器的登录页面。有人知道哪里出问题了吗？(对我的英语表示抱歉)

下面是我获取数据的代码：

class URLSessionTest: NSObject, URLSessionDelegate {

let user = "myUser"
let password = "myPwd"
let url = URL.init(string: "https://www.example.com/Test.nsf/0/91182C6C9EEE0414C12580A300312D1A?Opendocument")


func getData() {
    var request = URLRequest.init(url: url!)
    request.httpMethod = "POST"
    request.timeoutInterval = 30.0
    let parameters = ["Username": user, "Password": password] as Dictionary<String, String>
    do {
        request.httpBody = try JSONSerialization.data(withJSONObject: parameters, options: .prettyPrinted)
    } catch let error {
        print("request serialization error: \(error.localizedDescription)")
    }
    let configuration = URLSessionConfiguration.default
    let session = URLSession(configuration: configuration, delegate: self, delegateQueue: nil)
    let task = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) in
        if error != nil {
            print ("dataTask error: \(error!.localizedDescription)")
        }
        if let myresponse = response as? HTTPURLResponse {
            print ("dataTask response: \(myresponse)")
            myresponse.statusCode
        }
        let myval = NSString(data: data!, encoding: String.Encoding.utf8.rawValue)!
        print("dataTask data: \(myval)")
    })
    task.resume()
}

和代表们：

open func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Swift.Void){
    print ("challenge \(challenge.protectionSpace.authenticationMethod)")
    var disposition: URLSession.AuthChallengeDisposition = .useCredential
    var credential:URLCredential?
    let defaultCredential = URLCredential(user: user, password: password, persistence: URLCredential.Persistence.none)
    if challenge.previousFailureCount > 0 {
        print ("cancel authentication challenge")
        disposition = .cancelAuthenticationChallenge
        credential = nil
    } else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
        print ("Server Trust")
        credential = URLCredential(trust: challenge.protectionSpace.serverTrust!)

        if (credential != nil) {
            print ("Use credential")
            disposition = .useCredential
        }
        else{
            print ("perform default handling")
            disposition = .performDefaultHandling
            credential = defaultCredential
        }
    }
    else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate {
        print ("client certificate")
    }
    else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodHTTPBasic {
        print ("Basic authentication")
    }
    else{
        disposition = .cancelAuthenticationChallenge
        credential = nil
    }
    if credential != nil { challenge.sender!.use(credential!, for: challenge)}
    completionHandler(disposition, credential);
}

func urlSession(_ session: URLSession, task: URLSessionTask, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    print ("URLSessionTask didReceive")
    let credential = URLCredential(user: user, password: password, persistence: URLCredential.Persistence.forSession)
    challenge.sender?.use(credential, for: challenge)
    completionHandler(URLSession.AuthChallengeDisposition.useCredential,credential)
}

以下是代码的输出：

challenge NSURLAuthenticationMethodServerTrust
Server Trust
Use credential
dataTask response: <NSHTTPURLResponse: 0x610000031780> { URL: https://www.example.com/Test.nsf/0/91182C6C9EEE0414C12580A300312D1A?Opendocument } { status code: 200, headers {
"Cache-Control" = "no-cache";
"Content-Length" = 5949;
"Content-Type" = "text/html; charset=UTF-8";
Date = "Sun, 12 Feb 2017 19:14:19 GMT";
Expires = "Tue, 01 Jan 1980 06:00:00 GMT";
Server = "Lotus-Domino";
"Strict-Transport-Security" = "max-age=0";} }

Answer 1

根据@Per Henrik Lausten的评论，Domino服务器提供了一种绕过会话身份验证的方法，并允许对访问特定应用程序的URL进行基本身份验证。该方法在this IBM technote中进行了描述。与向基本身份验证开放整个站点相比，这是一个更好的替代方案。我看到您正在使用https，这很好，但是您正在访问的NSF文件上的属性也应该设置为需要https连接，如果它们还没有这样设置的话。