When does NSURLConnection proactively send authorization?
When does NSURLConnection proactively send authorization?
- Subject: When does NSURLConnection proactively send authorization?
- From: Jens Alfke <email@hidden>
- Date: Fri, 05 Apr 2013 12:44:14 -0700
When multiple HTTP requests are sent to a single server that’s using basic auth, in what circumstances does a NSURLConnection add the WWW-Authenticate header proactively on its first attempt, instead of first sending no auth, then getting a 401 response, then retrying with auth?
(All of the request URLs are identical up to the first path component. The server’s WWW-Authenticate response returns the same realm string for all requests.)
I had always thought that after the first 401-then-retry-with-auth-then-200 dance, that CFNetwork would then proactively add authentication for all requests to the same host. But I’m debugging some auth problems, and it’s clearly not doing that — the server-side logs show a sequence where each request gets a 401 and is then followed by a request with an identical URL that succeeds. On the client side I see my authentication-challenge delegate method being called on each request.
This doubles the number of HTTP requests. The CouchDB replication protocol that I’m implementing can, unfortunately, end up sending a large number of small GETs (one per document) so this really hurts performance, especially over high-latency cellular connections.
—Jens
(Configuration I’m testing right now is OS X 10.8.3, but the same behavior seems to occur on iOS 6.x.)
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden