This seems to be an undocumented behavior of NSURLCredential
: when passing nil
as a password to credentialWithUser:password:persistence:
, and using this credential to respond the authentication challenge, iOS ignore the credential altogether.
The solution is to replace the nil
by an empty NSString
(@""
) when you don't want to use a password.
So your code should look something like:
NSURLCredential *credential = [NSURLCredential credentialWithUser:[keychainItem objectForKey:@"APP KEY"] password:@"" persistence:NSURLCredentialPersistenceForSession];
This is what I get from my nginx's logs with a nil
password:
xxx.xxx.xxx.xxx - - [18/Aug/2013:23:21:14 +0200] "GET /tmp HTTP/1.1" 401 188 "-" "test/1.0 CFNetwork/609.1.4 Darwin/12.4.0"
And with an empty string (apikey
being the username used in response to the challenge):
xxx.xxx.xxx.xxx - apikey [18/Aug/2013:23:21:16 +0200] "GET /tmp HTTP/1.1" 200 136 "-" "test/1.0 CFNetwork/609.1.4 Darwin/12.4.0"