2

I am using a web service with simple header authentication 

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    NSString *userName = [_usernameTextField.text stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceCharacterSet]];;
    NSString *passWord  = [_passwordTextfield.text stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceCharacterSet]];
    if ([challenge previousFailureCount] == 0) {
        //Creating new credintial
        NSURLCredential *newCredential = [NSURLCredential credentialWithUser:userName
                                                                    password:passWord
                                                                 persistence:NSURLCredentialPersistenceForSession];
        [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
    }
    else {
        CommonCode*objCommon=[[CommonCode alloc]init];
        [_activityIndicator stopAnimating];
        [objCommon showAlert:@"Invalid Password, or no user found with this Email Address"];
    }
}

On the logout I am clearing the cokies with 

- (void)resetCredintialCache {
    NSDictionary *credentialsDict = [[NSURLCredentialStorage sharedCredentialStorage] allCredentials];
    if ([credentialsDict count] > 0) {
        // the credentialsDict has NSURLProtectionSpace objs as keys and dicts of userName => NSURLCredential
        NSEnumerator *protectionSpaceEnumerator = [credentialsDict keyEnumerator];
        id urlProtectionSpace;
        // iterate over all NSURLProtectionSpaces
        while (urlProtectionSpace = [protectionSpaceEnumerator nextObject]) {
            NSEnumerator *userNameEnumerator = [credentialsDict[urlProtectionSpace] keyEnumerator];
            id userName;
            // iterate over all usernames for this protectionspace, which are the keys for the actual NSURLCredentials
            while (userName = [userNameEnumerator nextObject]) {
                NSURLCredential *cred = credentialsDict[urlProtectionSpace][userName];
                [[NSURLCredentialStorage sharedCredentialStorage] removeCredential:cred forProtectionSpace:urlProtectionSpace];
            }
        }
        NSURLCache *sharedCache = [NSURLCache sharedURLCache];
        [sharedCache removeAllCachedResponses];
        NSHTTPCookieStorage *cookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];

        NSArray *cookies = [cookieStorage cookies];
        for (NSHTTPCookie *cookie in cookies) {

            [cookieStorage deleteCookie:cookie];
        }
    }
}

But after logout if I enter the wrong password I am logged in as theprevious user. How do I delete the cookies from the header of the HTTP request?

pNre
  • 5,376
  • 2
  • 22
  • 27
Test user
  • 459
  • 2
  • 17
  • 31

1 Answers1

1

NSURLRequest has a cachePolicy property, which specifies the caching behaviour of the request.

Set the following cache policy NSURLRequestReloadIgnoringLocalCacheData when making the request like the example bellow will load the data from the url and not from the cache.

NSURLRequest *request = [[NSURLRequest alloc] initWithURL:url cachePolicy:NSURLRequestReloadIgnoringLocalCacheData timeoutInterval:10];

NSURLRequestReloadIgnoringLocalCacheData

Specifies that the data for the URL load should be loaded from the originating source. No existing cache data should be used to satisfy a URL load request.

https://developer.apple.com/library/prerelease/mac/documentation/Cocoa/Reference/Foundation/Classes/NSURLRequest_Class/index.html#//apple_ref/c/tdef/NSURLRequestCachePolicy

Manuel Escrig
  • 2,825
  • 1
  • 27
  • 36