Manage access across the firewall via the URL Loading System. More...
#import <GDURLLoadingSystem.h>
BlackBerry Dynamics applications can utilize the native URL Loading System to communicate with servers that are behind the enterprise firewall. Communication across the enterprise firewall utilizes the BlackBerry Dynamics proxy infrastructure, which is secure.
Access across the firewall is enabled in the URL Loading System by default, when authorization of the application succeeds. The application can subsequently disable and enable access. If the application's or the user's authorization is withdrawn, access is implicitly disabled for the duration of the withdrawal.
Access across the firewall utilizes the BlackBerry Dynamics proxy infrastructure. The BlackBerry Dynamics SDK includes a class that interfaces with the infrastructure. The interfacing class is also compatible to be registered as a URL handler in the URL Loading System. Enabling and disabling access across the firewall actually registers and de-registers the interfacing class. This means that, when access is disabled, the default URL Loading System handlers will service any URL requests.
Note that synchronous request calls shouldn't be made from the main application thread.
Note the following details.
NSURLAuthenticationMethodHTTPBasic
is supported.NSURLAuthenticationMethodDefault
is treated as NSURLAuthenticationMethodHTTPBasic
.NSURLAuthenticationMethodHTTPDigest
is supported.NSURLAuthenticationMethodNTLM
is supported, specifically: NTLMv1, NTLMv2, and NTLM2 Session.NSURLAuthenticationMethodNegotiate
is supported for Kerberos version 5.@
realm, and a password.NSURLCredentialPersistence
flag of NSURLCredential
:NSURLCredentialPersistenceNone
credential is used for this connection onlyNSURLCredentialPersistenceForSession
credential is persisted in memoryNSURLCredentialPersistencePermanent
treated as NSURLCredentialPersistenceForSession
YES
is assumed for the setAllowsCellularAccess
flag. See the NSMutableURLRequest class reference on the apple.com developer website for details of this flag.Additional features are made available, using the NSURLCache(GDURLCache) subclass.
An HTTP server may support multiple authentication methods. For example, a server could support both NTLM and Kerberos authentication. By default, the BlackBerry Dynamics runtime handles this by selecting the first authentication method presented.
The application can implement its own handling for multiple authentication methods, as follows.
le:GDRejectAuthSupport
Boolean
YES
connection::willSendRequestForAuthenticationChallenge
callback.rejectProtectionSpaceAndContinueWithChallenge
function, where necessary.The following code snippet illustrates a simple implementation of the callback mentioned in the above.
- (void)connection: (NSURLConnection *)connection willSendRequestForAuthenticationChallenge: (NSURLAuthenticationChallenge *)challenge { if( [[challenge protectionSpace] authenticationMethod] != NSURLAuthenticationMethodNTLM ) { // Reject anything that is not NTLM, i.e. reject Negotiate. [[challenge sender] rejectProtectionSpaceAndContinueWithChallenge:challenge]; } else { NSURLCredential* cred = [NSURLCredentialcredentialWithUser:@"abc" password:@"abc" persistence:NSURLCredentialPersistenceForSession]; [[challenge sender] useCredential:cred forAuthenticationChallenge:challenge]; } }
+ (void) enableSecureCommunication |
Call this function to enable, or re-enable access across the enterprise firewall via the URL Loading System.
Access across the enterprise firewall is provided by the BlackBerry Dynamics proxy infrastructure. Only servers that have been specifically listed in the enterprise management console are accessible. See System administration tasks for application developers.
Access is enabled by default during authorization processing, which is initiated by the authorize (GDMac) function. The enableSecure
Communication
function need only be called if access was disabled after authorization, see the disableSecureCommunication function, below.
+ (void) disableSecureCommunication |
Call this function to disable access across the enterprise firewall via the URL Loading System.
Access can be re-enabled using the enableSecureCommunication function. Access will also be re-enabled during authorization processing, which is initiated by the authorize (GDMac) function.
+ (BOOL) isSecureCommunicationEnabled |
Call this function to check whether access across the enterprise firewall via the URL Loading System is enabled.
YES
if access is enabled. NO
otherwise.+ (Class) getProtocolClass |
This function returns an object that is suitable to be included in an NSURLSessionConfiguration
protocolClasses
list.
Note that isn't generally necessary for the application code to manipulate the protocol classes list in a session configuration. This is because the BlackBerry Dynamics runtime configures the list automatically. This function is provided for completeness.
Class
object.