The best way to safely secure Objective-C login to iPhone

Question

The best way to safely secure Objective-C login to iPhone

I wanted to know the best methodology (with sample code) to have an iPhone application login feature that will connect to the server. I assume that sending web services through SOAP is not the safest.

Thanks guys,

+4

objective-c iphone

Doz Aug 26 '09 at 10:23

source share

2 answers

What are you trying to protect? A good start is to use HTTPS to transfer login information to the web service. You still need to ensure the security of the web service, but at least users will be protected from attempted tracking and man-in-the-middle attacks.

+1

Mark bessey Aug 26 '09 at 10:34

source share

Simon woodside · Accepted Answer · 2009-08-27T03:00:30+0000

With NSURLRequest / NSMutableURLRequest, you can configure authentication using any method you like ... here is an example of HTTP Basic to get some XML result.

NSMutableURLRequest * request = [NSMutableURLRequest requestWithURL:url]; [request setHTTPMethod:@"GET"]; // or POST or whatever [request setValue:@"application/xml" forHTTPHeaderField:@"Accept"]; NSString * userID = @"hello"; NSString * password = @"world"; NSString * authStr = [[[NSString stringWithFormat:@"%@:%@", userID, password] dataUsingEncoding:NSUTF8StringEncoding] base64Encoding]; [request setValue:[NSString stringWithFormat: @"Basic %@", authStr] forHTTPHeaderField:@"Authorization"];

You will need to read HTTP authentication methods to know what to do to talk to your specific server, but there is nothing wrong with using HTTPS (SSL) + Basic, it is safe.

The best way to safely secure Objective-C login to iPhone

More articles: