blackberry.com
BlackBerry Dynamics
Runtime library for iOS applications
from the application developer portal
Static Public Member Functions

GDCacheController Class Reference

Control the secure authentication cache. More...

#import <GDNET.h>

List of all members.

Static Public Member Functions


Detailed Description

Use this class to control the secure authentication cache of the GDURLLoadingSystem and the deprecated GDHttpRequest class. (Currently, there are only two controls.) The secure authentication cache is used as follows.

URL Loading System
Stores credentials for all authentication methods.
Stores tickets for Kerberos authentication.
GDHttpRequest (deprecated)
Stores tickets for Kerberos authentication.
See also:
GDURLLoadingSystem
GDHttpRequest

Member Function Documentation

+ (void) clearCredentialsForMethod: (NSString *)  method

Call this function to clear the cached credentials for a particular authentication method, or to clear for all methods. Calling this function clears the session cache, and the permanent cache if present. (Currently, the BlackBerry Dynamics runtime only has a permanent cache for Kerberos authentication tickets.)

Parameters:
methodOne of the following constants, specifying which cache or caches are to be cleared:
NSURLAuthenticationMethodHTTPBasic clears Basic Authentication credentials,
NSURLAuthenticationMethodDefault also clears Basic Authentication credentials,
NSURLAuthenticationMethodHTTPDigest clears Digest Authentication credentials,
NSURLAuthenticationMethodNTLM clears NTLM Authentication credentials,
NSURLAuthenticationMethodNegotiate clears Kerberos Authentication credentials and tickets,
nil clears all of the above.
+ (void) kerberosAllowDelegation: (BOOL)  allow

Call this function to allow or disallow Kerberos delegation within BlackBerry Dynamics secure communications. By default, Kerberos delegation is disallowed.

If Kerberos delegation is allowed, the BlackBerry Dynamics runtime behaves as follows.

  • Kerberos requests will be for tickets that can be delegated.
  • Application servers that are trusted for delegation can be sent tickets that can be delegated, if such tickets were issued.

If Kerberos delegation isn't allowed, the BlackBerry Dynamics runtime behaves as follows.

  • Kerberos requests won't be for tickets that can be delegated.
  • Application servers won't be sent tickets that can be delegated, even if such tickets were issued.

After this function has been called, delegation will remain allowed or disallowed until this function is called again with a different setting.

Note: User and service configuration in the Kerberos Key Distribution Center (KDC), typically a Microsoft Active Directory server, is required in order for delegation to be successful. On its own, calling this function won't make Kerberos delegation work in the whole end-to-end application.

When this function is called, the Kerberos ticket and credentials caches will be cleared. I.e. there is an effective call to the clearCredentialsForMethod: function with an NSURLAuthenticationMethodNegotiate parameter.

Parameters:
allowYES to allow delegation, NO to disallow.

The documentation for this class was generated from the following file: