Hi,
I have set up an HTTP proxy on a server as well as a username/password for authentication. I'm looking to push a profile to make my iPad use this server. I crafted the profile and deployed using Apple Configurator. Looking at the profile XML I can correctly see the username / password fields, as expected given the HTML was produced by Configurator:
<key>ProxyUsername</key>
<string>simpleuser</string>
<key>ProxyPassword</key>
<string>developer</string>
However, the moment my device attempts to make an HTTP request, it prompts the end user for username/password. If the user does not enter then the authentication fails. A network capture from the proxy server shows something like this:
(IPAD->SERVER)
CONNECT (yahoo url port 443) HTTP/1.1
Host: (yahoo url)
User-Agent: Mozilla/5.0 (iPad; CPU OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E304 Safari/602.1
Connection: keep-alive
Proxy-Connection: keep-alive
(SERVER->IPAD)
HTTP/1.1 407 Proxy Authentication Required
Server: internal/3.5.24
Mime-Version: 1.0
Date: Tue, 02 May 2017 15:45:54 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3137
X-internal-Error: ERR_CACHE_ACCESS_DENIED 0
Proxy-Authenticate: Basic realm="internal proxy-caching web server"
X-Cache: MISS from (internal server url)
Connection: keep-alive
{{ A BUNCH OF HTML }}
After the proxy server sends the 407 challenge, the iPad immediately prompts the end user for authentication, meaning the iPad fails to remember how to authenticate.
I checked the ipad logs using configurator. this is what I got during the auth failure:
May 2 12:36:54 Strangers-iPad configd[30] <Notice>: network changed: v4(en0+:{REMOVED}) v6(en0:{REMOVED}) DNS! Proxy
May 2 12:36:54 Strangers-iPad networkd[88] <Notice>: nw_nat64_post_new_ifstate successfully changed NAT64 ifstate from 0x2 to 0x8000000000000000
May 2 12:36:55 Strangers-iPad nehelper[93] <Error>: Configuration for provider com.apple.NetworkExtension.NetworkServiceProxy does not exist (<__NSConcreteUUID 0x1754cf50> F5A853A9-F11C-454C-88D1-E7E84E750281) or is not enabled (0)
May 2 12:36:55 Strangers-iPad UserEventAgent[23] <Error>: Probe message failed
May 2 12:36:56 Strangers-iPad apsd[92] <Error>: *** WARNING: CFMachPortSetInvalidationCallBack() called on a CFMachPort with a Mach port (0xfd33) which does not have any send rights. This is not going to work. Callback function: 0x25bccaed
May 2 12:36:57 Strangers-iPad geod[140] <Error>: *** WARNING: CFMachPortSetInvalidationCallBack() called on a CFMachPort with a Mach port (0x127b) which does not have any send rights. This is not going to work. Callback function: 0x25bccaed
May 2 12:36:57 Strangers-iPad Preferences[438] <Warning>: /BuildRoot/Library/Caches/com.apple.xbs/Sources/ExternalAccessory/ExternalAccessory-329.40.4/EAAccessoryManager.m:__51-[EAAccessoryManager _checkForConnectedAccessories]_block_invoke-632 ending background task
May 2 12:36:57 Strangers-iPad SpringBoard[48] <Warning>: HW kbd: Failed to set (null) as keyboard focus
The only line that really stuck out to me here is the line about NetworkServiceProxy config does not exist. I'm not sure why that's there or if there's a way to avoid it. Does anyone