it there any way to create an advanced password authentication in flash ? I saw the tutorial here :[URL] but I want to take it to the next level an create a more advanced authentication that will draw the passwords from a database or something external ( asp, php ). what is the most secure way to do it ?
View 5 Replies
Is there a way to automate authentication via adding the username/password in the profile XML of flash media encoder live (3.2)? I'm not referring to the command line parameters, but placing a tag in the xml file that contains the username/password for both the primary and backup server.
View 2 RepliesI'm making an Air file that uploads and overwrites an XML file.
So far, the php is very simple:
$everything = $_POST['saveThisXML'];
$everything = stripslashes($everything); $toSave = $everything;
$fp = fopen("settings.xml", "w"); if(fwrite($fp, $toSave)) echo "writing=Ok"; else echo "writing=Error"; fclose($fp);
I'd like to set up a user name and passowrd that the user enters in the Air app. Is it then just a matter of sending POST data to the php file, and have it check the user and pass variables? Is that a reasonably safe way to do it? If not, can someone please point me in th edirection of a good tutorial that they're used on this topic?
Im new at actionscript, and I am making a very project. Basicly, I have some thing were there is a page you can get to by beating other parts of the 'game'. I want to add some sort of a password or save feature to people can type in the password of something at the opening screen and jump to that page.
View 1 RepliesI am having a scenario where I need to access a service but when accessing it, I get an HTTP authentication popup of browser. I don't the users to see this. I talked to a guy working on same thing in some other technology and he mentioned that they are using Digest Authentication. I need to know how this can be achieved in Flash.
View 1 RepliesI need to authorise my Flash game (which runs on Facebook) users against my game server. I'm able to get their data like id, access token, etc, from Facebook on the client (I'm using the Flash Facebook API) but I'm not sure how to authorize them on my game server (e.g. do a login with a database query). One scenario that I have on my mind:
If I could get the same access token from Facebook on both the client (which I already do) and the server (with, for example, a redirect URL, which I tried but does not seems to work), then I could easily compare the two tokens (together with the user IDs) and thus authorize the user. UPDATE To put it simpler, I want to catch the token that is returned from Facebook on the server-side before it gets to the client (it can be a simple PHP script that parses the URL token parameter). Next, store it in the DB on the server, and when the client queries the server, I can do the comparison.
I am creating a website which will contain both ASP.NET pages and a Flash applet.I want to encapsulate my business logic in a WCF service which will be exposed through two endpoints: One accesssible over the Internet through HTTP(S), for use by the Flash client, and one accessible within the data center for use by the application servers.If this does not seem like a good approach, then stop me here; otherwise, I'll move on...
The question is how to authenticate requests coming from the Flash client. Since I don't want to store the user's password in a browser cookie, don't want to send the password with every request, and don't want to have to use HTTPS after the initial login, I plan on using a token-based authentication system. I also don't want the user to have to log into the Flash client after already logging into the site itself, so I plan on using Javascript to pass the token to the Flash client when it starts.
I know WCF supports using the .NET Framework's built-in security framework (System.Security) to enforce access control, and I would like to take advantage of this.The question, then, is: How do I pass the token to the WCF service when it is called by Flash, and how do I process the token on the server? WCF has an "issued token" authentication mode, but it appears this is intended to be used in a full-blown federation scenario with a Secure Token Service and SAML tokens--a bit more complexity that I really want. It is possible to use this mode with my own "simple random-string" tokens? If so, how? Keep in mind this needs to be compatible with Flash.I could potentially pass the token in a header (either a SOAP header or an HTTP header). In this case, once I've determined which user is making the request, how do I inform the framework so that the System.Security checks will work?Is there a different approach altogether that I should consider?Anything that avoids sending passwords in every request, lets me use System.Security, and works with Flash is a possibility.
i have a flash application connected with a script on a remote server(X)different from the server hosting the website(Y)the application on server X needs to get some user information so i need to identify the user by what i have in the cookie
remote server X will get those informations from server Y is there any way i can get the user name or user id from the CAKEPHP cookie var?the authentication is the one found on cakephp website
[flash]----request---->[server X]----request---->[server Y]----response---->[server Y]...
What I would like to do is to use ASP.NET impersonation to authenticate a Flash app as a user in IIS so that the file dependencies related to the flash file ( XML config files, and PHP API calls ) are not anonymously accessible when users try to access them directly through the URL. So, instead of displaying the contents of an XML config file, it should tell the unauthenticated user they do not have permission to view the file.
Is this possible? Right now I'm looking into request headers and the settings in IIS for authentication.
So I found out how to use Basic Authentication through help posted here. The problem I'm running into is that even though the flash app sends the appropriate request. Which is handled fine in FF, Chrome, and Safari. It still displays the login pop-up box for Opera and IE. Does anyone know why IE and Opera behave differently with Basic Authentication?
I have a site that has the main path under password protection. I also have a subfolder that have a separate (htaccess/htpasswd) password protection. For some reason, when I access the subfolder, I'm asked to put in my id/password twice. All of the files that are referenced are under the subfolder.
What should I be doing to troubleshoot this? I've tried this on different browsers and it's the same behavior. There is one main html page with a .swf (the only thing on the page)...it loads other assets but they are within the same subfolder.
I'm running into an issue with Uploadify. I have put Uploadify into my app and all works fine in dev (using the VS web server). All worked fine and checked until I deployed the app into my test environment which uses Integrated Windows Authentication. When I actually go to upload the file, the browser brings up a login prompt. At this point, even if you type in the correct username and password, the request seems not to complete and even if you tell the browser to remember the password it still brings up the login prompt.
When this started to occur, I decided to spin up Fiddler and see what was going on. But guess what, when ever Fiddler is running the issue doesn't occur. Unfortunately I can't make running Fiddler a reuqierment for running the app. I know there are some issues with Uploadify/flash when using forms authentication but I didn't think they carried across to Integrated Windows Authentication.
Authentication is performed with Basic auth over SSL (although the password inside the basic auth is SHA-2'ed). The issue is that using basic authentication for the Flash client is causing the standard browser log-in box to appear because of "WWW-Authentication: Basic" in the header. Flash is unable to bypass this by manually setting the Authorization header prior to the request.Other clients need to be able to authenticate via the existing mechanisms, so rewriting the authentication logic would not be ideal.
I have the idea that the authorization headers sent to and received from flash client could be dynamically rewritten to use another name for Basic auth which would cause the browser not to understand the auth mechanism and not present the dialog box. Authentication headers to and from Tomcat could be rewritten from "WWW-Authenticate: Basic" to "WWW-Authenticate: PretendBasic" but ideally the built in container security could still handle the basic auth after the rewrite.
I wrote a filter to rewrite inbound headers as "WWW-Authenticate: PretendBasic" as "WWW-Authenticate: Basic" hoping the next filter chain would be auth and the request would be handled as normal. Unfortunately the Servlet specification states that a filter cannot be inserted prior to authentication. I think the only possibility of this working is to create a stackable JAAS authentication module that would first perform a header rewrite on requests if coming from the Flash client, and then pass authentication through to the existing container managed security systems.
After trying many methods in Flash 6 I have not been able to create a working password field. If anybody has code that works with FLASH 6 please post it. I just want to have two frames a frame to enter the password, and a frame to say that the password was wrong and go back. Then if the password is correct I would like It to go to a different flash document.
View 1 Replieshow to apply password in action script flash?
View 1 RepliesI want to open Flash SWF/EXE with password with another SWF/EXE. Can I do this ?
View 4 Replieshow do i create a password box in flash when i'm making a form that is asking for a username and password?
View 5 RepliesI have this simple actionscript 2.0 code for a password field.. you have to enter "hello" to get the string "yes" otherwise you get the string "no" returned.. I was wondering if there were any flash terms you could enter into the input text field to still get access other than "hello" i.e. entering passwordstring would make the if statement say (read the code at the bottom first)...if(passwordstring == passwordstring)but that doesn't work..here is my code:
passwordstring = "hello"
_root.onEnterFrame = function()
{
[code]......
I've been trying to load some JSON from a URL with a username/password at the beginning.So the URL resembles: http:/[url]....I've been using the DataLoader class from greensock and it returns a Error #2032: Stream Error if the authentication is up but loads fine when it is disabled.I'm trying to add a 'Authorization' URLRequestHeader to get round this issue? Is this the best way forward?
Edit: I'm trying to use headers in a similar way to this post: Flex 3 - how to support HTTP Authentication URLRequest? but I'm not having much success. The base64 encoder I'm using is from here: http:[url]....
2nd Edit: latest code
_loader = new DataLoader(ENDPOINT, { onComplete:handleComplete, onError:handleError, onFail:handleFail } );
_loader.request.method = URLRequestMethod.POST;
_loader.request.data = new URLVariables("required=RandomData");[code].....
I know how to create a Username and password in flash. I want to know now is how to create a scene where users can register their own name and make their own password.
View 0 RepliesIs is possible to password a flash website page so that username and password are needed for access?
Is this something that can be created within Flash app itself or is third-party software needed?
I'm trying to publish an iPhone game and I have downloaded everything I need to allow me to publish through flash. I'm on a pc and I can't figure out what the password is of the .p12 certificate I made in openssl is. Here are the steps I've used:
I create my key:
openssl genrsa -out mykey.key 2048
I create a CSR with the correct info
openssl req -new -key mykey.key -out CertificateSigningRequest.certSigningRequest -subj "/emailAddress=yourAddress@example.com, CN=John Doe, C=US"
I upload this to apple and then download the certificate they send me, which I convert to a PEM with this code:
openssl x509 -in developer_identity.cer -inform DER -out developer_identity.pem -outform PEM
For my final step, I generate the .p12 using this:
openssl pkcs12 -export -inkey mykey.key -in developer_identity.pem -out iphone_dev.p12
Flash requires I enter the .p12, the .p12 password, and the provisioning profile I got from apple.
Here's a link to the tutorial I used if you want any more info: [URL]
My problem is rather simple. I have a site built totally in flash that I need a couple other people to be able to log into, but I don't want them to know the password. Does anyone know if there a way that I can load the flash site in an iframe, and then use some javascript to fill the flash username and password with the correct text so that they can just click the login button without knowing the username and password?
View 1 RepliesIs there any AS3/Air library for Zip files with password protection support? Previously i check FZip, it was great but it doesn't support encryption! Also another library that works good, but it not support encryption too.
View 1 RepliesI am making a screensaver and wondered if it is it possible to temporarily or dynamically password protect a Flash movie clip via a user input text field? For example, a user thinks up a password on the spot, types it in, hits a SET button and the mc cannot be disabled without re-entering the correct password. I am new to actionscript and from what I can find on Google it ooks as though the answer could lie in using veriables but i'm not sure how to implement this.
Currently I am using this code to hard wire passwords into my swf files before compiling them in SWF Studio:
on (keyPress "<Enter>") {
if (password.text == "password") {
gotoAndPlay("mc");
} else {
feedback.text = "INVALID";
}}
I am converting a friend of mine's business site to flash, and have come across a problem.I am not sure how to externally validate a login/password set up in flash.[code]
View 14 RepliesI kind of understand how to create a basic username and password 'menu' in flash.[code]But I would like to create a menu where a user can create a new username with then will be added to an exteral file ( data base I guess).From there on anything the user does is remembered on that name. And if that user exits the program and loads it again the user's stats are loaded.
View 4 RepliesI don't know if this is the right place to ask this or not, but I thought I remembered a way to pass a username and password to FMS via Flash Media Live Encoder? I simply need to pass two values, equivalent to this in AS3[url]...
View 1 RepliesI have a simple login form in Flash for a website. All users login using the same password. The current actionscript which I am using is as follows.
[Code]...
however it is very easy to extract the password by decompiling the swf. somebody direct me to a Flash - PHP (but no Sql) validation tutorial?
I'm using Flash CS4 and AS 3.0
I'm trying to add a login for running my flash movie. When the user clicks the login button, the text of the password field is authenticated, which allows gotoAndPlay(2) .
But the problem is both in my .swf and my projector .exe i can easily jump the login frame by pressing Ctrl+Enter .
Is flash (actionscript 2.0) secure enough to use for a website that holds personal info, password, restricted areas, ect. How can I make it secure enough if it's possible.
View 1 Replies
