1

Possible Duplicate:
Basic HTTP Authentication on iPhone

I have a PHP file in a directory of my website, let's name that directory "example". Within that directory is a PHP file. My app accesses that PHP file to store data in a database (i.e. www.website.com/example/file.php?task=register&something=blahblahblah...). This URL can obviously be accessed from a web browser and fake information can be inserted. So, I'll protect the directory with a username and password. How do I let the app know the username and password so that it can login? Is there an easy way to do this? Thanks for your help!

Community
  • 1
  • 1
Jack Humphries
  • 13,056
  • 14
  • 84
  • 125

2 Answers2

2

You can simply use URL like http://login:pass@www.website.com/example/file.. ;)

But you have to hide login and pass !

yosh
  • 3,245
  • 7
  • 55
  • 84
  • Nice! That's it?? It seems too good to be true. – Jack Humphries Sep 05 '11 at 15:36
  • One more thing, if the app accesses this URL, doesn't output it to the log or anything, will this be detectable by the user, especially if they have a filter or something? – Jack Humphries Sep 05 '11 at 15:39
  • Works for Web Basic auth, yea. Unless you want to display the URL somewhere. What log and filter? It's a simple URL call with login/pass included :) – yosh Sep 05 '11 at 15:40
  • Yes, I meant I wouldn't be dumb enough to output the URL (user:pass@website.com) so the user can check the console. But let's say that their company uses a filter to check the websites their employees are visiting on their network. When this URL is accessed, the filter saves the URL, with the username and password in it. Right? – Jack Humphries Sep 05 '11 at 15:45
  • Can't say for sure. But if security is a big issue here then this might not be the best solution and you have to use something that requires more code after all :) NSURLConnection has didReceiveAuthenticationChallenge method. – yosh Sep 05 '11 at 15:51
  • Ok, I was just checking, it shouldn't be too much of an issue here. Thanks for your help! – Jack Humphries Sep 05 '11 at 15:54
1

Yes, use the ASIHttpRequest library and set the username and password when making your call.

You could also do this by using NSUrlConnection but the ASIHttpRequest library is much easier to handle.

Maurício Linhares
  • 39,901
  • 14
  • 121
  • 158