<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi team,<div><div><br></div><div>we have decided for our ios 1.1.0 release to go with the approach of setting the NSURLCredential as a config param on the pipe. That is:</div><div><br></div><div><pre style="margin-top: 0px; margin-bottom: 0px; padding: 0px; border: 0px; "><div class="line" id="LC47" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span class="kt" style="margin: 0px; padding: 0px; border: 0px; color: rgb(68, 85, 136); font-weight: bold; ">id</span> <span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; "><</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">AGPipe</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">></span> <span class="n" style="margin: 0px; padding: 0px; border: 0px; ">pipe</span> <span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">=</span> <span class="p" style="margin: 0px; padding: 0px; border: 0px; ">[</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">_pipeline</span> <span class="n" style="margin: 0px; padding: 0px; border: 0px; ">pipe</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">:^</span><span class="p" style="margin: 0px; padding: 0px; border: 0px; ">(</span><span class="kt" style="margin: 0px; padding: 0px; border: 0px; color: rgb(68, 85, 136); font-weight: bold; ">id</span> <span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; "><</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">AGPipeConfig</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">></span> <span class="n" style="margin: 0px; padding: 0px; border: 0px; ">config</span><span class="p" style="margin: 0px; padding: 0px; border: 0px; ">)</span> <span class="p" style="margin: 0px; padding: 0px; border: 0px; ">{</span></div><div class="line" id="LC48" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "> <span class="p" style="margin: 0px; padding: 0px; border: 0px; ">[</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">config</span> <span class="n" style="margin: 0px; padding: 0px; border: 0px; ">setName</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">:</span><span class="s" style="margin: 0px; padding: 0px; border: 0px; color: rgb(221, 17, 68); ">@"autobots"</span><span class="p" style="margin: 0px; padding: 0px; border: 0px; ">];</span></div><div class="line" id="LC49" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "> <span class="c1" style="margin: 0px; padding: 0px; border: 0px; color: rgb(153, 153, 136); font-style: italic; ">// set up credentials for Basic/Digest</span></div><div class="line" id="LC50" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "> <span class="p" style="margin: 0px; padding: 0px; border: 0px; ">[</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">config</span> <span class="n" style="margin: 0px; padding: 0px; border: 0px; ">setCredential</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">:</span><span class="p" style="margin: 0px; padding: 0px; border: 0px; ">[</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">NSURLCredential</span></div><div class="line" id="LC51" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "> <span class="nl" style="margin: 0px; padding: 0px; border: 0px; ">credentialWithUser:</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">PASSING_USERNAME</span></div><div class="line" id="LC51" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span class="Apple-tab-span" style="white-space:pre"> </span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">password</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">:</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">LOGIN_PASSWORD</span></div><div class="line" id="LC51" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span class="Apple-tab-span" style="white-space:pre"> </span> <span class="n" style="margin: 0px; padding: 0px; border: 0px; ">persistence</span><span class="o" style="margin: 0px; padding: 0px; border: 0px; font-weight: bold; ">:</span><span class="n" style="margin: 0px; padding: 0px; border: 0px; ">NSURLCredentialPersistenceNone</span><span class="p" style="margin: 0px; padding: 0px; border: 0px; ">]];</span></div><div class="line" id="LC52" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "> <span class="p" style="margin: 0px; padding: 0px; border: 0px; ">}];</span></div><div class="line" id="LC52" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span class="p" style="margin: 0px; padding: 0px; border: 0px; "><br></span></div><div class="line" id="LC52" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span class="p" style="margin: 0px; padding: 0px; border: 0px; "><span style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: medium; line-height: normal; white-space: normal; "><br></span></span></div><div class="line" id="LC52" style="margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span style="color: rgb(51, 51, 51); font-family: Helvetica; font-size: 12px; line-height: 18px; white-space: normal; ">Main point that we decided to go with that approach is that users are </span><span style="color: rgb(51, 51, 51); font-family: Helvetica; font-size: 12px; line-height: 18px; white-space: normal; ">familiar</span><font color="#333333" face="Helvetica"><span style="line-height: 18px; white-space: normal;"> with the NSURLCredential object and is more straightforward to use instead of going through the authentication module 'login', 'logout' requests for this type of auth. </span></font><span style="color: rgb(51, 51, 51); font-family: Helvetica; line-height: 18px; white-space: normal; background-color: rgb(255, 255, 255); ">It's a similar approach on what our underlying networking lib </span><span style="color: rgb(51, 51, 51); font-family: Helvetica; line-height: 18px; white-space: normal; background-color: rgb(255, 255, 255); ">does when the user wants to set the credentials. A</span><font color="#333333" face="Helvetica"><span style="font-size: 12px; line-height: 18px; white-space: normal;"> note would be added for the user to be cautious when setting the persistence type (e.g. </span></font><span style="background-color: rgb(255, 255, 255); color: rgb(102, 102, 102); font-family: Courier, Consolas, monospace; font-size: 13px; white-space: normal; ">NSURLCredentialPersistencePermanent) </span><span style="background-color: rgb(255, 255, 255); "><font color="#333333" face="Helvetica"><span style="line-height: 18px; white-space: normal;">so he can clear it up afterwards. </span></font></span></div><div class="line" id="LC52" style="margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span style="font-family: Helvetica; white-space: normal; color: rgb(51, 51, 51); font-size: 12px; line-height: 18px; "><br></span></div><div class="line" id="LC52" style="margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span style="font-family: Helvetica; white-space: normal; color: rgb(51, 51, 51); font-size: 12px; line-height: 18px; ">Thanks,</span></div><div class="line" id="LC52" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span style="font-family: Helvetica; white-space: normal; ">Christos</span></div><div class="line" id="LC52" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><span style="font-family: Helvetica; white-space: normal; "><br></span></div><div class="line" id="LC52" style="color: rgb(51, 51, 51); font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 12px; line-height: 18px; margin: 0px; padding: 0px 0px 0px 10px; border: 0px; "><br></div></pre></div><div><div><div>On Jun 3, 2013, at 4:32 PM, Matthias Wessendorf <<a href="mailto:matzew@apache.org">matzew@apache.org</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Jun 3, 2013 at 3:22 PM, Christos Vasilakis <span dir="ltr"><<a href="mailto:cvasilak@gmail.com" target="_blank">cvasilak@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Hi<div><br></div><div>I guess we can have both approaches </div></div></blockquote><div>
<br></div><div style="">Not sure if we would mix a bit too much here</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">
<div>too and document the fact that care should be taken for the persistent type. </div><div><br></div><div>Further, another possible option allowing more more full control, is to expose as an option the underlying block that iOS provides so users can feed their own block. It is similar to the approach the underlying afnetworking library does for users to <a href="https://github.com/AFNetworking/AFNetworking/blob/master/AFNetworking/AFURLConnectionOperation.h#L320" target="_blank">configure</a> if they wish too.</div>
<div><br></div><div>In essence, something similar to:</div><div><br></div><pre style="margin-top:0px;margin-bottom:0px;padding:0px;border:0px;font-size:12px;font-family:Consolas,'Liberation Mono',Courier,monospace;color:rgb(51,51,51);line-height:18px"><div style="margin:0px;padding:0px 0px 0px 10px;border:0px"> <span style="margin:0px;padding:0px;border:0px;color:rgb(68,85,136);font-weight:bold">id</span> <span style="margin:0px;padding:0px;border:0px;font-weight:bold"><</span><span style="margin:0px;padding:0px;border:0px">AGPipe</span><span style="margin:0px;padding:0px;border:0px;font-weight:bold">></span> <span style="margin:0px;padding:0px;border:0px">pipe</span> <span style="margin:0px;padding:0px;border:0px;font-weight:bold">=</span> <span style="margin:0px;padding:0px;border:0px">[</span><span style="margin:0px;padding:0px;border:0px">_pipeline</span> <span style="margin:0px;padding:0px;border:0px">pipe</span><span style="margin:0px;padding:0px;border:0px;font-weight:bold">:^</span><span style="margin:0px;padding:0px;border:0px">(</span><span style="margin:0px;padding:0px;border:0px;color:rgb(68,85,136);font-weight:bold">id</span> <span style="margin:0px;padding:0px;border:0px;font-weight:bold"><</span><span style="margin:0px;padding:0px;border:0px">AGPipeConfig</span><span style="margin:0px;padding:0px;border:0px;font-weight:bold">></span> <span style="margin:0px;padding:0px;border:0px">config</span><span style="margin:0px;padding:0px;border:0px">)</span> <span style="margin:0px;padding:0px;border:0px">{</span></div>
<div style="margin:0px;padding:0px 0px 0px 10px;border:0px"> <span style="margin:0px;padding:0px;border:0px">[</span><span style="margin:0px;padding:0px;border:0px">config</span> <span style="margin:0px;padding:0px;border:0px">setName</span><span style="margin:0px;padding:0px;border:0px;font-weight:bold">:</span><span style="margin:0px;padding:0px;border:0px;color:rgb(221,17,68)">@"autobots"</span><span style="margin:0px;padding:0px;border:0px">];</span></div>
<div style="margin:0px;padding:0px 0px 0px 10px;border:0px"> <span style="margin:0px;padding:0px;border:0px;color:rgb(153,153,136);font-style:italic">// correct credentials</span></div><div style="margin:0px;padding:0px 0px 0px 10px;border:0px;background-color:rgb(255,255,204)">
<span style="margin:0px;padding:0px;border:0px">[</span><span style="margin:0px;padding:0px;border:0px">config</span> <span style="color:rgb(153,0,0);font-weight:bold">setAuthenticationChallengeBlock</span><span style="margin:0px;padding:0px;border:0px;font-weight:bold">:^</span><span style="margin:0px;padding:0px;border:0px">(</span><span style="margin:0px;padding:0px;border:0px">NSURLConnection</span> <span style="margin:0px;padding:0px;border:0px;font-weight:bold">*</span><span style="margin:0px;padding:0px;border:0px">connection</span><span style="margin:0px;padding:0px;border:0px">,</span> <span style="margin:0px;padding:0px;border:0px">NSURLAuthenticationChallenge</span> <span style="margin:0px;padding:0px;border:0px;font-weight:bold">*</span><span style="margin:0px;padding:0px;border:0px">challenge</span><span style="margin:0px;padding:0px;border:0px">) {</span></div>
<div style="margin:0px;padding:0px 0px 0px 10px;border:0px"> // create the credentials and server them to the challenge request </div><div style="margin:0px;padding:0px 0px 0px 10px;border:0px"> <span style="margin:0px;padding:0px;border:0px">}];</span></div>
</pre><div><br></div><div>Wdyt?</div></div></blockquote><div><br></div><div style="">Not sure on that as well. Right now we configure initial state/params. Not sure we should really do extend the config to also accept "blocks/functions" to react on behaviour. Hrm... </div>
<div><br></div><div><br></div><div><br></div><div><br></div><div> </div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">
<span class="HOEnZb"><font color="#888888"><div><br></div><div>Christos</div></font></span><div><div class="h5"><div><br></div><div><br></div><div><div><div>On May 29, 2013, at 1:27 PM, Matthias Wessendorf <<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a>> wrote:</div>
<blockquote type="cite"><div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, May 29, 2013 at 12:18 PM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi, sorry for my n00bish. I like the idea of libraries to make<br>
developer's life easier, I just have few questions.<br>
<br>
Is possible to have both into AGAuthenticationModuleAdapter?<br>
NSURLCredential for developers pretty familiar with it (and wants full<br>
control) and HTTPBasicDigestAuthenticationModule for developer who want<br>
to keep it simple?<br></blockquote><div><br></div><div>Interesting point. Let me think about it</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
Another question? Why not HTTPAuthenticationModule? With the addition of<br>
more auth schemes you will end with something like<br>
HTTPBasicDigestHawkPersonaOAuth2AuthenticationModule.<br></blockquote><div><br></div><div><br></div><div>oh, right :) yeah, let's name it AG<span style="font-family:arial,sans-serif;font-size:13px">HTTPAuthenticationModule.h/m. Good point</span></div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div><br>
<br>
<br>
Corinne Krych wrote:<br>
> Thanks for the clarification.<br>
> I think I didn't get it.<br>
> Indeed it should be well documented as you would expect a login action<br>
> (ie doing an actual login on endpoint) when sending a login message.<br>
> saveLoginCredentials would be the correct message but I guess we rather<br>
> stick to AGAuthenticationModuleAdapter protocol.<br>
><br>
> +1<br>
> Corinne<br>
><br>
><br>
> On 29 May 2013 11:13, Matthias Wessendorf <<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a><br>
</div><div>> <mailto:<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a>>> wrote:<br>
><br>
><br>
><br>
><br>
> On Wed, May 29, 2013 at 10:20 AM, Christos Vasilakis<br>
</div><div>> <<a href="mailto:cvasilak@gmail.com" target="_blank">cvasilak@gmail.com</a> <mailto:<a href="mailto:cvasilak@gmail.com" target="_blank">cvasilak@gmail.com</a>>> wrote:<br>
><br>
> Hi,<br>
><br>
> iOS platform provides built-in implementations for<br>
> authenticating against HTTP endpoints that support Basic /<br>
> Digest authentication (among others). The workflow when iOS<br>
> tries to authenticate against those endpoints is basically:<br>
><br>
> a) A credential storage singleton object<br>
</div>> <<a href="https://developer.apple.com/library/mac/#documentation/Cocoa/Reference/Foundation/Classes/NSURLCredentialStorage_Class/Reference/Reference.html" target="_blank">https://developer.apple.com/library/mac/#documentation/Cocoa/Reference/Foundation/Classes/NSURLCredentialStorage_Class/Reference/Reference.html</a>> provided<br>
<div>> by the system is consulted for authentication credentials. If<br>
> credentials are found, the system proceeds with authentication.<br>
> Understandably for this to work, the developer has to initially<br>
> push the credentials to the system object (and remove when done).<br>
><br>
> b) If credentials are NOT found, the system tries to call the<br>
> delegate method e.g.<br>
> 'connection:didReceiveAuthenticationChallenge<br>
</div>> <<a href="http://developer.apple.com/library/mac/documentation/Foundation/Reference/NSURLConnectionDelegate_Protocol/Reference/Reference.html#//apple_ref/occ/intfm/NSURLConnectionDelegate/connection:didReceiveAuthenticationChallenge" target="_blank">http://developer.apple.com/library/mac/documentation/Foundation/Reference/NSURLConnectionDelegate_Protocol/Reference/Reference.html#//apple_ref/occ/intfm/NSURLConnectionDelegate/connection:didReceiveAuthenticationChallenge</a>:>',<br>
<div>> giving a chance for the user to provide the credentials, by<br>
> calling the appropriate methods on the authentication challenge<br>
> object passed in.<br>
><br>
> AeroGear library, currently has a notion of pluggable<br>
> authentication modules providing an interface for clients to<br>
> implement 'login', and 'logout' methods, depending on the<br>
> authentication scenarios that they try to support. This fits<br>
> nicely with singleton credential storage approach, in the sense<br>
> when doing 'login' and 'logout', we simply edit the credential<br>
> storage adding or removing credentials appropriately. A branch<br>
> for this work can be found here<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios/tree/basic.digest.auth" target="_blank">https://github.com/cvasilak/aerogear-ios/tree/basic.digest.auth</a>>.<br>
<div>> For usage, have a look at our integration test<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios-integration/blob/basic.digest.auth/AeroGear-iOS-Integration/AeroGear-iOS-IntegrationTests/AGHttpBasicAuthenticationTests.m" target="_blank">https://github.com/cvasilak/aerogear-ios-integration/blob/basic.digest.auth/AeroGear-iOS-Integration/AeroGear-iOS-IntegrationTests/AGHttpBasicAuthenticationTests.m</a>><br>
<div>><br>
> For testing purposes, another branch<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios/tree/basic.digest.nsurlcredential" target="_blank">https://github.com/cvasilak/aerogear-ios/tree/basic.digest.nsurlcredential</a>> was<br>
<div>> created, this time letting the user to directly pass<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios-integration/blob/basic.digest.nsurlcredential/AeroGear-iOS-Integration/AeroGear-iOS-IntegrationTests/AGHttpBasicAuthenticationTests.m#L50" target="_blank">https://github.com/cvasilak/aerogear-ios-integration/blob/basic.digest.nsurlcredential/AeroGear-iOS-Integration/AeroGear-iOS-IntegrationTests/AGHttpBasicAuthenticationTests.m#L50</a>> an<br>
> NSURLCredential<br>
> <<a href="http://developer.apple.com/library/ios/#Documentation/Cocoa/Reference/Foundation/Classes/NSURLCredential_Class/Reference/Reference.html" target="_blank">http://developer.apple.com/library/ios/#Documentation/Cocoa/Reference/Foundation/Classes/NSURLCredential_Class/Reference/Reference.html</a>> object<br>
<div>> initialised with the username/password combination during the<br>
> Pipe configuration. Those credentials are internally stored and<br>
> given back to the system by implementing the necessary callback<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios/blob/basic.digest.nsurlcredential/AeroGear-iOS/AeroGear-iOS/core/AGHttpClient.m#L240" target="_blank">https://github.com/cvasilak/aerogear-ios/blob/basic.digest.nsurlcredential/AeroGear-iOS/AeroGear-iOS/core/AGHttpClient.m#L240</a>>.<br>
<div>> A usage example can be found in our integration test<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios-integration/blob/basic.digest.nsurlcredential/AeroGear-iOS-Integration/AeroGear-iOS-IntegrationTests/AGHttpBasicAuthenticationTests.m" target="_blank">https://github.com/cvasilak/aerogear-ios-integration/blob/basic.digest.nsurlcredential/AeroGear-iOS-Integration/AeroGear-iOS-IntegrationTests/AGHttpBasicAuthenticationTests.m</a>><br>
<div>><br>
> advantages of using the singleton approach:<br>
> - fits nicely with the authentication mechanism we have in place<br>
> (as an extension HTTPBasicDigestAuthenticationModule<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-iOS/AeroGear-iOS/security/AGHttpBasicDigestAuthentication.m" target="_blank">https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-iOS/AeroGear-iOS/security/AGHttpBasicDigestAuthentication.m</a>>)<br>
<div>> so user familiarity when looking to add basic/digest support to<br>
> the Pipe.<br>
> - we control the credential type e.g.<br>
> 'NSURLCredentialPersistenceForSession'. This eliminates errors<br>
> of using 'NSURLCredentialPersistencePermanent' and having the<br>
> user to explicitly clear the keychain when trying to login with<br>
> a different combination. For my search, many errors occurs<br>
> because of this.<br>
><br>
> disadvantages of using the singleton approach:<br>
> - not sure if many iOS dev will like the fact of creating an<br>
> Authenticator object instead of using directly an<br>
> NSURLCredential object that are used to.<br>
><br>
> ---<br>
> advantages of using the 'nsurlcredential' directly:<br>
> - users familiarity with the object.<br>
> - not explicit login logout request.<br>
><br>
> disadvantages of using the 'nsurlcredential' directly:<br>
> - error credential type can lead to errors.<br>
><br>
> With discussions with Matthias, we are more keen in following<br>
> the HTTPBasicDigestAuthenticationModule<br>
</div>> <<a href="https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-iOS/AeroGear-iOS/security/AGHttpBasicDigestAuthentication.m" target="_blank">https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-iOS/AeroGear-iOS/security/AGHttpBasicDigestAuthentication.m</a>> approach<br>
<div>> instead of providing the NSURLCredential<br>
</div>> <<a href="http://developer.apple.com/library/ios/#Documentation/Cocoa/Reference/Foundation/Classes/NSURLCredential_Class/Reference/Reference.html" target="_blank">http://developer.apple.com/library/ios/#Documentation/Cocoa/Reference/Foundation/Classes/NSURLCredential_Class/Reference/Reference.html</a>> configuration<br>
<div>> option on the Pipe. Surely enough, in the documentation we will<br>
> explicitly state that "login"/ "logout" methods, serve as a<br>
> mean to setup internally the iOS authentication system so users<br>
> don't have too (instead of calling remote endpoints)<br>
><br>
><br>
><br>
> While the "NSURLCredential" better fits the meanings of BASIC/DIGEST<br>
> (no explicit login/logout against a server), however that will cause<br>
> all sorts of issues, since the APP_DEVELOPER is reponsible for<br>
> providing the NSURLCredential; If we uses a _permanent_ storage, all<br>
> sorts of errors may occur (like Christos was already indicating).<br>
><br>
><br>
> I (currently) like the "auth_module" approach better. However, as<br>
> Christos mentioned, we need to state (in API docs) that login/logout<br>
> is JUST applying/removing the credentials. The doc needs to say that<br>
> on LOGIN (for instance) no request is hit against the server.<br>
><br>
><br>
> -Matthias<br>
><br>
><br>
><br>
><br>
> Wdyt?<br>
><br>
> Thanks,<br>
> Christos<br>
><br>
><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
</div>> <a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a> <mailto:<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a>><br>
<div>> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
><br>
><br>
><br>
><br>
> --<br>
> Matthias Wessendorf<br>
><br>
> blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
> sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
> twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a><br>
><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
</div>> <a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a> <mailto:<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a>><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
<div>><br>
><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
> <a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>
_______________________________________________<br>aerogear-dev mailing list<br><a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br><a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></blockquote>
</div><br></div></div></div></div><br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br>
<br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>
_______________________________________________<br>aerogear-dev mailing list<br><a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>https://lists.jboss.org/mailman/listinfo/aerogear-dev</blockquote></div><br></div></div></body></html>