My iOS app is connecting to the Sharepoint web service and Sharepoint is used NTLM authentication.
At my side i have implemented below code for NTLM authentication:
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
if ([challenge previousFailureCount] == 0)
{
NSUserDefaults *userDefaults = [NSUserDefaults standardUserDefaults];
NSString *username = [userDefaults valueForKey:KEY_USERNAME];
NSString *password = [userDefaults valueForKey:KEY_PASSWORD];
NSURLCredential *newCredential;
newCredential = [NSURLCredential credentialWithUser:username password:password persistence:NSURLCredentialPersistenceNone];
[[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
} else {
[[challenge sender] cancelAuthenticationChallenge:challenge];
}}
So my questions are
- The username and password which are sending in above code are in encrypted form ?
- If the username and password are in encrypted mode then how NSURLAuthenticationChallenge is encrypting them?
Thanks in advance
I believe that whether the credential is encrypted or not depends on the protocol you're using to communicate with the server. For example, if you were using HTTPS, then the credentials would be encrypted with HTTPS, but if you were using plain HTTP, the credentials would be unencrypted.