HTTP basic access authentication with Objective-C and iOS

iOS SDKIn this blog post I am going to show how you can make an HTTP request to a webserver that supports basic access authentication using Objective-C and the iOS framework. Regretfully, I don’t have the time to create an Xcode project as an example. But the information and code should give you an idea of how you can build basic access authentication support in your iOS code.

Before we dive into the code, let’s do a quick review of how basic access authentication works. Before an HTTP request is sent to the server, we need to append an HTTP header called Authorization to the request. Here are the steps to generating the Authorization HTTP header:

Using username = myusername and password = mypassword as reference.

  1. Concatenate user name + colon + password. ie. “myusername:mypassword”
  2. Encode the concatenated string with the base64 algorithm. ie. “myusername:mypassword becomes” “bXl1c2VybmFtZTpteXBhc3N3b3Jk”
  3. Append the Base64 encoded string to the “Basic ” string. ie. “Basic bXl1c2VybmFtZTpteXBhc3N3b3Jk”
  4. Finally assign the value to the Authorization header

In Objective-C code, the above logic is translated to:

NSString *authStr = [NSString stringWithFormat:@"%@:%@", @"myusername", @"mypassword"];
NSData *authData = [authStr dataUsingEncoding:NSUTF8StringEncoding];
NSString *authValue = [NSString stringWithFormat:@"Basic %@", [authData base64Encoding]];
[request setValue:authValue forHTTPHeaderField:@"Authorization"];

Just one problem, NSData doesn’t inherently support Base64 encoding. We need to add Base64 encoding algorithm to NSData via Category, a mechanism Objective-C that allows programmers to extend an existing class without subclassing it. Anyway, you can download the Base64 encoding code below.

NSData+Additions source code

Credits and Reference:

Note that you can certainly implement Base64 encoding using C functions or by other means. But I find Category most intuitive to achieving our goal.

If you are still stuck, use the curl command on a shell to troubleshoot. Here are some examples:

% curl -v -H 'Authorization: Basic bXl1c2VybmFtZTpteXBhc3N3b3Jk' 'http://host/path'

% curl -v --trace-ascii dump.txt 'http://myusername:mypassword@host/path'

Creating multi-variants of an iOS app from a single Xcode project

iOS SDKWhen someone at work asked me about creating multiple variants of an iOS app  from a common codebase (ie. from a single Xcode project), I thought couldn’t this be achieved through defining multiple targets in that Xcode project?

I have done this before for a project where I created a “lite” version and an “HD” (iPad-only) version from a full-featured iPhone codebase I originally created. I was about to document the process on this post before coming across this blog post from Just2Us, which does a great job in explaining the entire process. Instead of duplicating the content, just refer to the blog post.

One thing I would do differently from what is described in the referenced post is that instead of adding a new target, I would recommend duplicating an existing target – this way I avoid the hassle of configuring the new build target and including the files to my target phases manually.

Duplicating a build target in Xcode

I have also created a project to demonstrate the multi-target in Xcode. You can download the file here.

Quick guide to iOS dateformatting


This blogpost will focus on the setDateFormat: method of NSDateFormatter which allow us to define the date format of the textual representation of the date and time in iOS/Cocoa. Here’s a summary of the specifiers used in the date format string.

The most commonly used date format specifiers are (keep in mind that they are case sensitive):

  • y = year
  • Q = quarter
  • M = month
  • w = week of year
  • W = week of month
  • d = day of the month
  • D = day of year
  • E = day of week
  • a = period (AM or PM)
  • h = hour (1-12)
  • H = hour (0-23)
  • m = minute
  • s = second

In general, the number of characters in a specifier determine the size of date field. Let’s use an example to illustrate date formatting.

eg. Input date = 2011-05-01 Sunday

1-character = 1-digit/character number or word (if number/word can’t be 1 character long then abbreviation or fullname is displayed).

[dateFormatter setDateFormat:@"E, d M y"];  // Output: Sun, 1 5 2011

2-character = 2-digit/character number or word (if number/word can’t be 2 character long then abbreviation is displayed).

[dateFormatter setDateFormat:@"EE, dd MM yy"];  // Output: Sun, 01 05 11

3-character = 3-digit/character number or word, or abbreviation (generally).

[dateFormatter setDateFormat:@"EEE, ddd MMM yyy"];  // Output: Sun, 001 May 2011

4-character = full name (generally).

[dateFormatter setDateFormat:@"EEEE, dddd MMMM yyyy"];  // Output: Sunday, 0001 May 2011

Here’s the weird part though, if you specify 5 E’s, you get an rather unexpected output. You would think that the output date field would be longer than 1 character:

[dateFormatter setDateFormat:@"EEEEE, ddddd MMMMM yyyyy"];  // Output: S, 00001 M 2011

For date formatting, the following reference table has been very useful:

Date Field Symbol Table (UTS #35 Unicode Locale Data Markup Language)

Back to blogging and a quick update

WordPress LogoIt’s been a while since I last blogged. Life has been so hectic that I hardly have the time to blog (not that I have been blogging regularly). I have been working on multiple projects since the beginning of the year. So I have been super busy with work.

In the beginning of the year, I have been toying with the idea of creating a new business in producing my own independent software products. But after careful consideration, I decided to focus on developing my consulting services in mobile and digital interaction development to establish a more steady stream of cash flow. I am still incubating these product ideas of mine on the side. Hopefully, I can start spending more time by Fall and turn one of these ideas into a viable business.

Materials for my iOS frameworks talk at MobileCamp Boston

Presentation Screen IconI will be speaking at MobileCamp Boston on Feb 19, 2011 (later today). I will be giving a presentation on building RESTful iOS apps using Three20 and RESTKit frameworks. I will write a blog entry with a more detailed coverage of my talk later. For now, here are the presentation slides and the TwitterReader Source Code I will use at the talk. Enjoy.

Icon credits: Jack Cai

TTTableViewController showMenu:forCell: example

iOS SDKA week ago, I was looking for ways in Three20 to create an animated row menu similar to the behavior in the Facebook app where a the table cell switches to a view with a “Like” and a “Comment” button. Upon more investigation, I discovered showMenu:forCell: in TTTableViewController that does exactly what I am looking for. Unfortunately Three20 documentation and samples shed little light on how showMenu:forCell: should be used. I also googled around and found a simple example and found this post on Three20 discussion thread on Google Groups, which was enough to get me started in right direction.

iPhone table view iPhone table view show menu

I messed around with the code further and came up with a more coherent technique in creating the animated show menu effect using showMenu:forCell: Here’s a snippet of the same code demonstrating how you can trigger the menu view by swipe gesture.

- (void) viewDidLoad {
  // Register the swipe gesture.
  UISwipeGestureRecognizer *recognizer = [[UISwipeGestureRecognizer alloc]
  [recognizer setDirection:(UISwipeGestureRecognizerDirectionRight |
  [self.view addGestureRecognizer:recognizer];
  [recognizer release];

  [super viewDidLoad];

- (void) swipeDidOccur:(UISwipeGestureRecognizer *)recognizer {
  // Get the start point so that we can do a hit test on the table view.
  CGPoint startPoint = [recognizer locationInView:self.tableView];
  NSIndexPath *path = [self.tableView indexPathForRowAtPoint:startPoint];
  TTTableViewCell* cell = (TTTableViewCell*) [self.tableView

  // Add menuView to the cell.
  UIView *menuView = [[UIView alloc] initWithFrame:cell.contentView];

  // Now call showMenu with the menu to display on the associated cell.
  [self showMenu:menuView forCell:cell animated:YES];
  [menuView release];
The code relies on detecting swipe touch gesture on TTTableViewController and using a selector to handle the gesture. Given a gesture touch point, you can determine the cell where the swipe occurred. Once you have a reference to a cell, you can call the showMenu:forCell:
What if we need to trigger the menu view by touch a button on the table view cell? This is what I did:
Create a subclass of TTTableViewCell and add a UIButton to the view.

The code relies on detecting swipe touch gesture on TTTableViewController and using a selector to handle the gesture. Given a gesture touch point, you can determine the cell where the swipe occurred. Once you have a reference to a cell, you can call the showMenu:forCell:
What if we need to trigger the menu view by touch a button on the table view cell? This is what I did:

Create a subclass of TTTableViewCell and add a UIButton to the view.

@interface MyViewCell : TTTableViewCell {

- (id) initWithName:(NSString *)name target:(id)target action:(SEL)action {
  // ...

  UIButton *moreButton = [UIButton buttonWithType:UIButtonTypeCustom];
  moreButton.frame = CGRectMake(268.0f, 6.0f, 32.0f, 32.0f);
  [moreButton setImage:TTIMAGE(@"bundle://Icon_More.png")
  [moreButton addTarget:target action:action
  [self moreButton];

  // ...

Next, create a subclass of TTTableViewController and add the custom TTTableViewCell to the data source.

@interface MyTableViewController : TTTableViewController {

- (void) createModel {
  self.dataSource = [TTListDataSource dataSourceWithObjects:
    [[[ContactViewCell alloc] initWithName:@"Cell 1"
    [[[ContactViewCell alloc] initWithName:@"Cell 2"

In the action handler, that’s where showMenu:forCell: is called. The trick is to determine which cell the button belongs to and consequently replace that cell withe the menu view. This is how I did.

- (void) plusButtonDidPress:(id)sender {
  // Load our custom menu view from a nib.
  UIView *menuView = [[UIView alloc] initWithFrame:cell.contentView];

  UIButton *moreButton = (UIButton *) sender;
  // Convert plusButton bounds to the the coordinate system of table view
  // and then get the cell containing the button.
  CGRect coord = [plusButton convertRect:moreButton.bounds toView:self.tableView];
  NSIndexPath *path = [self.tableView indexPathForRowAtPoint:coord.origin];
  TTTableViewCell* cell = (TTTableViewCell*) [self.tableView

  // Now call showMenu with the menu to display on the associated cell.
  [self showMenu:menuView forCell:cell animated:YES];

Here’s the entire source code on GitHub. Enjoy.


Since some of you asked, I have updated the sample on GitHub to include an example of you can “wire” the buttons on the MenuView to the appropriate action handlers.

First, create a base view controller called BaseCatalogViewController containing the action handlers and have the other 3 controllers inherit the base class. The file’s owner of MenuView.xib should be of type BaseCatalogViewController. Lastly, associate each button in MenuView.xib to an IBAction. You can find the source code at GitHub. Good luck.

Proper URL (Percent) Encoding in iOS

iOS SDKIf you are developing an iPhone app makes RESTful remote calls to a server in the Internet, you will likely need to encode your parameter to a percent encoded string (aka URL-encoding) so that you can properly embed the information in a URI before passing it to the remote server. For example, say you have an address that looks like this:

One Broadway, Cambridge, MA

Under URL encoding, the string becomes:


To encode a string using URL-encodng, simply use following method in NSString:


Conversely, you can use the following method to decode a URL-encoded string to back to its original text:


Full example:

NSString *rawText = @"One Broadway, Cambridge, MA";

NSString *encodedText = [rawText stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSLog(@"Encoded text: %@", encodedText);
NSString *decodedText = [encodedText stringByReplacingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSLog(@"Original text: %@", decodedText);

Here’s the output:
Encoded text: One%20Broadway,%20Cambridge,%20MA
Original text: One Broadway, Cambridge, MA

But there’s just one problem, stringByAddingPercentEscapesUsingEncoding doesn’t encode reserved characters like ampersand (&) and slash (/). For example:

NSString *rawText = @"Bed Bath & Beyond - URL=";

NSString *encodedText = [rawText stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSLog(@"Encoded text: %@", encodedText);
NSString *decodedText = [encodedText stringByReplacingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSLog(@"Original text: %@", decodedText);

Here’s the output:

Encoded text: Bed%20Bath%20&%20Beyond%20-%20URL=
Original text: Bed Bath & Beyond – URL=

As you can see, & and / (in bold red) aren’t encoded. As a workaround, use Foundation function CFURLCreateStringByAddingPercentEscapes instead (as suggested by Simon). Full example here:

// Encode a string to embed in an URL.
NSString* encodeToPercentEscapeString(NSString *string) {
  return (NSString *)
                                          (CFStringRef) string,
                                          (CFStringRef) @"!*'();:@&=+$,/?%#[]",

// Decode a percent escape encoded string.
NSString* decodeFromPercentEscapeString(NSString *string) {
  return (NSString *)
                                                          (CFStringRef) string,

int main (int argc, const char * argv[]) {
  NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];

  NSString *rawText = @"Bed Bath & Beyond - URL=";

  NSString *encodedText = encodeToPercentEscapeString(rawText);
  NSLog(@"Encoded text: %@", encodedText);
  NSString *decodedText = decodeFromPercentEscapeString(encodedText);
  NSLog(@"Original text: %@", decodedText);

  [pool drain];
  return 0;

And the output:

Encoded text:
Original text: Bed Bath & Beyond – URL=

This time it correct encode the & and / characters. Of course, you won’t be encoding the entire URL but only the URI parameters. There’s no code download for this, simply cut the above code snippets to your code and paste to your code base.

Errata (Feb 18, 2011)

CFURLCreateStringByAddingPercentEscapes returns a string reference with a retain count of +1. So remember to release it when you are done using it.

Code display and highlight plugin for WordPress

WordPress LogoI shopped around this weekend for a WordPress plugin that not only allows me to display code snippets on my blog but is also capable of syntax highlighting – thereby allowing the posted code to look pretty. For starters, this article provides a list of the top 12 WordPress code syntax display/highlight plugins. After installing and playing around with several plugins, I eventually settled for SyntaxHighlighter Evolved, which not only offers a great looking syntax highlighting theme against a dark background but is easily configurable and supports all of the programming languages I want to display on my blog, namely Objective-C, C#, Java, and JavaScript/HTML. Good stuff.

MassTLC Seminar: SaaS Business Model Update – Creating and Managing Revenues

GloveLast Thursday, I attended a seminar organized by Massachusetts Technology Leadership Council (Mass TLC) where speakers shared and discussed their experience and provided real life examples of how they had implemented SaaS business model in their organizations. Topics discussed in the session were focused around specific areas such as revenue model, customer acquisition, customer retention, and pricing. Here are the notes I took at the event.

David Skok, General Partner at Matrix Partners

David keynoted the event and provided a detailed framework for analyzing profitability, cashflow, and sales strategy in a SaaS business.

David presented these key metrics for anyone in operating in the business of SaaS:

  • (Customer) Lifetime Time Value (LTV) – this is an indicator of how well a SaaS business is performing. LTV relates to how much an average customer will return in value to the business over its predicted lifetime. In plain speak, LTV measures a SaaS business monetization performance.
  • Customer Acquisition Cost (CAC) – this is the business sales and marketing expense incurred over a period to acquire a customer. Basically, CAC measures a SaaS business cost.
  • Churn Rate – known also as attrition rate, this is a measure of net customers acquired or lost (through service or subscription cancellation) in a SaaS business.

David compared LTV with CAC and stressed that every SaaS company should strive for a CAC/LTV balance of:

LTV > 3*CAC (and good SaaS business are in the 5+ range)

David also talked about the growth of a SaaS company. It’s all about timing, don’t invest too early and burn cash as a company spends a lot of money during growth phase. SaaS companies need to know how to best utilize capital to maintain the key metrics and understand when is the best time to grow a company. On the latter point, David emphasizes that company growth usually coincides with one of the phases of a SaaS company. Get them right first before growing.

  • Search for product/market fit
  • Search for repeatable and scalable sales model
  • Scaling the business

David’s presentation can be found here.

William Daly, Manager of Professional Services at Iron Mountain

William gave an introduction to Iron Mountain and talked about their first customer, a leading financial company, they acquired. He highlighted how addressing the needs of their first customer changed their product/service offerings and business model. He ended the presentation emphasizing personal touch and connection goes a long way for any SaaS business.

Bill’s presentation can be found here.

Jim Kizielewicz, Senior VP and CMO at Kronos

Jim started his presentation with an overview of Kronos’s product offerings. It has been challenging for Kronos transitioning from a license-driven business model to one that provides both SaaS and perpetual-licensing. At the end, Kronos adopted a system that includes their traditional business model of offering perpetual licensing and one offering SaaS. They then broke their product/service offerings along the dimensions of pay, deploy, and manage, and designed bundles that comprise varying degrees of these dimensions.

Traditional License Managed Services Hosted License SaaS
Pay License License License Subscription
Deploy (Hosting) at Customer at Customer at Kronos at Kronos
Manage by Customer by Kronos by Kronos by Kronos

Under this strategy, Kronos first let the customers select a product and then allow them to pick a bundle that fits the customers requirements and budget.

Jim’s presentation can be found here.

Drew Fortin, Senior Manager of Internet Marketing at Compete

Drew gave a recount on one of Compete’s past marketing campaigns on driving free account holders to convert to paying customers. A few years ago, the company started speaking their brand and engaging more deeply with free account holders through a more streamlined online presence. The result created Compete Pulse, the company’s online magazine/blog, a series of white papers (to get white papers, users have to ask questions which turned out to be great), and expert educational content where partners in other domains are involved (Compete don’t claim to be an expert in everything, they refer to other partners who know their domains better). Conversion jumped from 0.85% to 1.25% while number of free accounts increase. There were no change in product and just marketing alone increased sales by 30%.

Drew Fortin’s presentation can be found here.

Cory von Wallenstein, VP of Product Management at Dyn

Cory discussed two tactics that the were used at Dyn to combat churn rate (reducing attrition and improving retention):

  • Don’t ask customers whose accounts are due to expire on Friday, Saturday, or Sunday to renew their subscription because their motivation to renew is low during the weekend. Defer notifying the customers about the renewal till Monday. This tactic change increased renewal rate from an average of 62% to 85%.
  • The Support team typically hears from people who dislike or love the product, but not from people from the middle. The company implemented a policy that whenever Support has the time, they proactively reach out to the customers in the middle asking them about the renewing their subscription. The team also asks if customers want to auto-renew, which generates huge upsell.

Cory also mentioned that customers love transparency and simplicity. It seemed contradictory to conventional wisdom at first to consolidate all DNS services into one service package. But Dyn did it anyway with a simple call to action, and all key metrics increased as a result.

Cory’s presentation can be found here.

The speakers were insightful and provided valuable information about the SaaS business model. The event was definitely a good one.


Icon by Shine 7. Free for personal use.

Frisbee thrower

Frisbee throwerA few months ago, my friend Yoav uncovered a stash of videos showing SDM students performing the development of a product in various phases of the project. The videos were shot in 2005 during the development of a frisbee thrower that our team built for the course entitled 15.980 – Product Design and Development, an interdisciplinary course at MIT that provides students a set of frameworks and tools for designing, developing, and commercializing a product.

I uploaded the videos to YouTube a month ago. And seeing the videos (again) today brings a big smile to my face. We had so much fun working on the project and actually built a working product that throws frisbees reliably. Great memories and kudos to team members Christian, David, Eugene, Matt, Spiros, and Yoav. Here are the videos.

We experimented with different ways of launching the frisbee from the machine.

The building of the frisbee thrower.

Field testing the frisbee thrower.

Demoed the frisbee thrower to the MIT ultimate frisbee team.