Login on Microsoft IAS from IOS SDK (cookie/form based login)

Recently I had to authenticate from an iOS device against a Microsoft IAS. Had never done this before and it was not that easy to find out how so I’m posting my solution here.

For the record, I am not sure which version of IAS I’m authenticating against and actually I’m not even sure it’s IAS but still this solution should work for form based authentications.

I’m using ASIHTTPRequest in iOS.

- (void)loginWith:(NSString*)userName andPassword:(NSString*)password {
    NSLog(@"Login with user: %@ and pass: %@", userName, password);
    NSURL *url = [NSURL URLWithString:
        @"https://domain.com/CookieAuth.dll?Logon"];
    ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:url];
    [request setPostValue:@"Z2F" forKey:@"curl"];
    [request setPostValue:@"0" forKey:@"flags"];
    [request setPostValue:@"0" forKey:@"forcedownlevel"];
    [request setPostValue:@"20" forKey:@"formdir"];
    [request setPostValue:@"4" forKey:@"trusted"];
    [request setPostValue:userName forKey:@"username"];
    [request setPostValue:password forKey:@"password"];
    [request setPostValue:@"Log On" forKey:@"SubmitCreds"];

    [request setDelegate:self];
    [request startAsynchronous];
}

- (void)requestFinished:(ASIHTTPRequest *)request
{
    if (request.responseStatusCode == 400) {
        NSLog(@"Invalid code");
    } else if (request.responseStatusCode == 403) {
        NSLog(@"Code already used");
    } else if (request.responseStatusCode == 200) {
        NSString *responseString = [request responseString];
        NSLog(@"Response %@", responseString);
    } else {
        NSLog(@"Unexpected error");
        NSLog(@"%@", [request responseString]);
    }
}

ASIHTTPRequest takes care of the cookie so it will automatically be passed to the server on requests.

This is really just a plain form login and really has nothing to do with Microsoft IAS.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.