tags:

views:

33

answers:

1
Q: 

how to access username/password application wide

I'm using the SFHFKeychainUtils which is a wrapper for Apple's Keychain. To query a password I need a username.

How can I access username application wide? Use a singleton? Other solutions?

A: 

Store the username (but not the password) in NSUserDefaults. Or, if you only have one user/pass pair, then you can just look at the appropriate attribute of the Keychain item.

Graham Lee  2010-09-21 09:31:05
Thanks, I forgot NSUserDefaults. What do you mean with one user/pass pair? I'm using `getPasswordForUsername`. How do I get the appropriate attribute of the Keychain item?
testing  2010-09-21 09:51:25
I mean if you only have one username and one password throughout the app. You get the attributes using `SecItemCopyMatching()` (I don't know if the wrapper you're using provides a wrapped implementation)
Graham Lee  2010-09-21 09:57:51
Yes, I'm using only one username and one password throughout the app. No the wrapper doesn't provide it. So I can do it on my own, but I think I'll use `NSUserDefaults`. One more question: How to deal with the passwords I get back? Currently, I'm planning to store them in `NSString`. Is it better to directly set them as arguments (rather than buffer them in `NSString`)? Or should I encode it?
testing  2010-09-21 10:15:47
Hmm, I wrote a whole book on that :). The best approach is to use the password as little as possible - get it just before you need it, use it, then zero out the memory. Passing it around between functions and keeping it longer than necessary makes it easy to extract the password from memory (not a real concern on a non-jailbroken device, but you can't control whether your users jailbreak).
Graham Lee  2010-09-21 10:23:55
That's what I thought. Use it when you really need it. A whole book? Wow! I'll have a look at it. Because you mentioned jailbreak: Is it possible to completely hide the password?
testing  2010-09-21 10:41:04
Never completely, but you can minimise its use. If your server supports OAuth then you can exchange the password for an access token and you never need to store the password, even in the keychain.
Graham Lee  2010-09-21 11:01:08

related questions

How do we get arround Apple's decission to skip sms templates for iPhone?
iPhone App Crashing - Error Question
Can I write native iPhone apps using Python
Does the Iphone 1/2 have a compass inside?
How do you beta test an iphone app?
Is it just the iPhone simulator that is restricted to intel only Mac's?
iPhone App Minus App Store?
Deleting messages from Exchange IMAP mailbox on iPhone
Is there a multiplatform framework for developing iPhone / Android applications?
How can I launch the Google Maps iPhone application from within my own native application?
Tips for a successful AppStore submission?
iPhone app that access the Core Location framework over web
Virtual Mac?
What's a good machine for iPhone development?
How can I develop for iPhone using a Windows development machine?
Recommended iPhone Development Resources
Best Wiki for Mobile Users
How to programmatically send SMS on the iPhone?
iPhone - Exchange Calendars in Public Folders
iPhone web applications, templates, frameworks?
Understanding reference counting with Cocoa / Objective C
How-to articles for iPhone development, Objective-C
What are the correct pixel dimensions for an apple-touch-icon?
How do I give my web sites an icon for iPhone?
iPhone app in landscape mode