Question

我正在对服务器进行调查，并且我一直收到服务器证书无效的错误，因此在研究之后我发现我必须信任服务器使用身份验证质询。这完全没问题（我打印验证挑战以确保它确实如此）但是其余的调用没有通过，我无法从我的服务器获取信息，在验证挑战后没有任何反应，通常是我＆＃d; dd期望返回数据。然而没有任何事情发生，我的urlsessiondatadelegates都没有被调用（带有休息检查）。

任何人都可以发现它为什么会这样吗？代码：

 var request = URLRequest(url: URL(string: "https://45.56.105.97:7915/search-v2")!)
request.httpMethod = "POST"
request.addValue("Basic ***********", forHTTPHeaderField: "Authorization")

 let task = URLSession(configuration: .default, delegate: self, delegateQueue: OperationQueue.main)
            task.dataTask(with: request) { (data, response, error) in
               print(error)
                print(data)
                if let responseData = NSString(data: data!, encoding: String.Encoding.utf8.rawValue){
                                    print("data: \(responseData)")
                                    self.parseXML(data!)

                                }
        }.resume()

委托方法：

func urlSession(_ session: URLSession, task: URLSessionTask, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    print("did autherntcationchallenge = \(challenge.protectionSpace.authenticationMethod)")

    if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust  {
        print("send credential Server Trust")
        let credential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
        challenge.sender!.use(credential, for: challenge)

    }else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodHTTPBasic{
        print("send credential HTTP Basic")
        let defaultCredentials: URLCredential = URLCredential(user: "username", password: "password", persistence:URLCredential.Persistence.forSession)
        challenge.sender!.use(defaultCredentials, for: challenge)

    }else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodNTLM{
        print("send credential NTLM")

    } else{
        challenge.sender!.performDefaultHandling!(for: challenge)
    }

}
func urlSession(_ session: URLSession, dataTask: URLSessionDataTask, didReceive data: Data) {
    print("Data received: \(data)")
}

func urlSession(_ session: URLSession, dataTask: URLSessionDataTask, didReceive response: URLResponse, completionHandler: @escaping (URLSession.ResponseDisposition) -> Void) {

    print("Response received: \(response)")
}

func urlSession(_ session: URLSession, task: URLSessionTask, didCompleteWithError error: Error?) {
    print("something went wrong: \(error)")
}

func urlSession(_ session: URLSession, task: URLSessionTask, willPerformHTTPRedirection response: HTTPURLResponse, newRequest request: URLRequest, completionHandler: @escaping (URLRequest?) -> Void) {
    print("rep: \(response)")
}

跑步后，我打印的全部是：

autherntcationchallenge = NSURLAuthenticationMethodServerTrust 发送凭证服务器信任

我也看到过关于如何只使用闭包或委托方法来检索数据的对话，而不是两者。我尝试过一切都没有成功。

**我也知道我不应该只是盲目地信任服务器，但我想弄清楚为什么我不能接收数据，我知道这有严重的安全漏洞。

Answer 1

有两个问题：

正如Rob在评论中提到的那样，您不会在任何委托方法中调用完成处理程序。这意味着连接将在此时停止进行。
您在挑战发件人上调用方法来提供凭据。这适用于NSURLConnection，但NSURLSession要求您通过调用完成处理程序来完成它。否则，事情将会非常糟糕，IIRC，例如
```
    completionHandler(.PerformDefaultHandling, nil)
```

验证质询

1 个答案: