How to remove the credentials that are used by http digest authentication in ASIHTTPRequest

I try to called [ASIHTTPRequest clearSession], but the request can still return 200 status, even if use the wrong username and password.

What 开发者_StackOverflow中文版am I supposed to do?

ASIHTTPRequest objects store the user information in a "session" by default, you have to disable this feature on every request you create to get the behavior that you want.

From the website docs:

NSURL *url = [NSURL URLWithString:@"http://allseeing-i.com/top_secret/"];
ASIHTTPRequest *request = [ASIHTTPRequest requestWithURL:url];
[request setUsername:@"username"];
[request setPassword:@"password"];
[request setUseSessionPersistence:NO]; //this is the line that disables storage

More on it here.