Re: Ignoring credentials in shared NSURLCredentialStorage
Re: Ignoring credentials in shared NSURLCredentialStorage
- Subject: Re: Ignoring credentials in shared NSURLCredentialStorage
- From: Dave Dribin <email@hidden>
- Date: Fri, 11 May 2007 10:33:50 -0500
On May 11, 2007, at 7:24 AM, Jerry Krinock wrote:
But I find it hard to believe that the system would give your app
the credential without at least one of those dialog boxes that says
Dave's App wants access to keychain item blahblah.
Do you want to allow access to Dave's App?
[ ] Always allow
I never implied it didn't show the dialog. :)
The problem is, it consults Keychain *before* sending
connection:didReceiveAuthenticationChallenge:. Thus if the user hits
"Allow", there's no way for an app to override those credentials.
And hence it seems that my app cannot use a different username and
password than the one in Keychain. The only way to do this is to
have the user Deny access to this Keychain item to my app.
Example: Twitteric stores passwords in the Keychain. I can no longer
write my own app that accesses Twitter's API with a different
username and password without having the user muck with their Keychain.
-Dave
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden