• BlackBerry Dynamics
  • Runtime library for iOS applications
  • 12.0.1.79
GDCacheController Class Reference

Control the secure authentication cache. More...

#import <BlackBerryDynamics/GD/GDNET.h>

Inheritance diagram for GDCacheController:

Description

Use this class to control the secure authentication cache of the GDURLLoadingSystem and the deprecated GDHttpRequest class. (Currently, there are only two controls.) The secure authentication cache is used as follows.

URL Loading System
Stores credentials for all authentication methods.
Stores tickets for Kerberos authentication.
GDHttpRequest (deprecated)
Stores tickets for Kerberos authentication.
See also
GDURLLoadingSystem
GDHttpRequest

Class Methods

(void) + clearCredentialsForMethod:
 Clear cached authentication credentials. More...
 
(void) + kerberosAllowDelegation:
 Allow or disallow Kerberos delegation. More...
 

Method Documentation

◆ clearCredentialsForMethod:

+ (void) clearCredentialsForMethod: (nullable NSString *)  method

Call this function to clear the cached credentials for a particular authentication method, or to clear for all methods. Calling this function clears the session cache, and the permanent cache if present. (Currently, the BlackBerry Dynamics runtime only has a permanent cache for Kerberos authentication tickets.)

Parameters
methodOne of the following constants, specifying which cache or caches are to be cleared:
NSURLAuthenticationMethodHTTPBasic clears Basic Authentication credentials,
NSURLAuthenticationMethodDefault also clears Basic Authentication credentials,
NSURLAuthenticationMethodHTTPDigest clears Digest Authentication credentials,
NSURLAuthenticationMethodNTLM clears NTLM Authentication credentials,
NSURLAuthenticationMethodNegotiate clears Kerberos Authentication credentials and tickets,
nil clears all of the above.

◆ kerberosAllowDelegation:

+ (void) kerberosAllowDelegation: (BOOL)  allow

Call this function to allow or disallow Kerberos delegation within BlackBerry Dynamics secure communications. By default, Kerberos delegation is disallowed.

If Kerberos delegation is allowed, the BlackBerry Dynamics runtime behaves as follows.

  • Kerberos requests will be for tickets that can be delegated.
  • Application servers that are trusted for delegation can be sent tickets that can be delegated, if such tickets were issued.

If Kerberos delegation isn't allowed, the BlackBerry Dynamics runtime behaves as follows.

  • Kerberos requests won't be for tickets that can be delegated.
  • Application servers won't be sent tickets that can be delegated, even if such tickets were issued.

After this function has been called, delegation will remain allowed or disallowed until this function is called again with a different setting.

Note: User and service configuration in the Kerberos Key Distribution Center (KDC), typically a Microsoft Active Directory server, is required in order for delegation to be successful. On its own, calling this function won't make Kerberos delegation work in the whole end-to-end application.

When this function is called, the Kerberos ticket and credentials caches will be cleared. I.e. there is an effective call to the clearCredentialsForMethod: function with an NSURLAuthenticationMethodNegotiate parameter.

Parameters
allowYES to allow delegation, NO to disallow.

The documentation for this class was generated from the following file: