Php :: Php Authentication (2) Launch A Flex App Which Knows The User Has Already Been Authenticated
May 30, 2009
Almost everything is in the title : Here's what I'd like to do :A nice html page with a php authentication process (http first then http**s** & so on) Launch a flex app which knows (I don't know how (this is the actual question !)) the user has already been authenticated and display his/her stuff he/she has to do for the day (or whatever...).
Of course if someone try to call directly the flex app I would display an "authentication error" message and then redirect to the authentication page.I'm sorry for my English which is perfectible.I was thinking about the session cookie : first authenticate then ass a variable on the server side, something like :
I have a web application developed using flex and cakephp. My client need to make a desktop application of that web application using Adobe Air. The conversion of the flex to Air is done successfully. I the flex application the communication of flex and cakephp is handled using a remotes controller. In air application I have a problem of authenticating the user with cakephp default user authentication
I'm using Google Engine App with Python. I want to add custom user authentication. How is it done, with the best practices? I want custom authentication because the app is built in Flex and I don't want to redirect to an HTML page.
The user value object is like this: class User(db.Model): email = db.EmailProperty(required = True, indexed = True) masked_password = db.StringProperty(required = True) # maybe more things here
I would like to mask the password, is there some built in function in GAE? Then, how I will remember the current user? Through sessions and cookies? Or what else?
I'm using Spring, Spring Security, BlazeDS, Flex and spring-flex.I know that I can call channelSet.login() and channelSet.logout() to hook into Spring Security for authentication.channelSet.authenticated apparently only knows about the current Flex session, as it always starts off as false, until you call channelSet.login().hat I want to do: Check from Flex to know if a user is already in a session.
I'm building a site that is placed behind a client login tool. I simply need my site to verify the users "authentication level" so they are forwarded to the correct "label/frame" on my time line.
I.E. Owners go to the "Owners" label on the time line, Managers go to the "Managers" label on the time line and Employees go to the "Employees" label on the time line.
I know Flash is accessing the PHP file as when I change the name of the PHP file, Flash provides an error. Therefore, I'm assuming it's reaching the file as I'm not getting any compiler/output errors.
Does anyone know the file upload hack for Flex, which will allow files to be uploaded to authenticated web services via multipart form post? In this bug report from the Adobe site, a user reports: Flash isn't cross-browser compatible if this feature only works via Javascript hacks. So far, I've been unable to craft such a hack. I'm unsure what to do next. Here's what I've tried so far (all have been unsuccessful or impossible). Set cookies on url Pass cookies to Flex URLRequest Create hidden html form in javascript to post file
Got a site almost complete however the user authentication isn't working. Simply put, I wish my website to reference a PHP file, which is echoing a users authentication level. Via the Actionscript, Flash pushes the user to the frame on the timeline they have the authority to view.
My PHP Code <?phpecho 'checkLog=999';?>
My AS2 Code - This code is pasted in the first frame of the timeline appname="mikesapp"loadVariablesNum("newlogin.php", 0, "POST"); //This verifies the users status and forwards them to the portion of the website they are authorized to access.////Auth Level 100 = Regional Access, Auth Level 200 = Franchise Access, Auth Level 300 = Employee Access, Auth Level 400 = Denied Access and Back Button as they do not have the privileges to move forward from there.//
Because the "checkLog" value is 999, the user should be forwarded to the "denied" label in the timeline however it is not as the site simply loops over and over. I'm sure Flash is accessing the "newlogin.php" file as when I rename it, flash errors stating it cannot locate the file. I have changed it back to the correct name since.
we would like to purchase Flash Media Interactive Server 3.5 to solve the following problem
1.Broadcast network internet lectures on a paid subscription,with the possibility user authentication.
2. Broadcast video and audio.
3. Broadcasting from several sources (1 camera, 2 camera, TV tuner, etc.)within a single stream with the possibility of the user to choose the viewing source, other sources at this time, you can view the preview.
4. The intended audience for 10 000 users and more. 5. Estimated flow rate of 1 megabit per second.
1. Is it possible for broadcasters to use a single server, or they need more? What configuration? 2. Does Flash Media Interactive Server 3.5 multicast? 3. How to make the system user authorization? Additional software, plug-ins? 4. How many users can simultaneously connect to the broadcast Flash Media Interactive Server 3.5 and how we calculate the bandwidth and outbound traffic?
Using the Webservices connector, I'm able to connect to any public webservice but when I try the same method to connect to a webservice that requires authentication I get URL not found error.Is there a way to pass the web-services credentials through Flash or any work around?
I am trying to access a .Net service which requires an authentication header. If WebService is used it works fine. But when it is accessed using HTTPService it throws error. The project is already done by somebody else using HTTPService. Now changing to webService requires some time since there needs to be modification in a lot of files.
Below is the SOAP envelop required by the service.
I have a website when requires the user to be logged in to access the contents. I need to embed some music player which can play some mp3. But the mp3 download link cannot be public, so is there any way to pass the PHP session to any flash based players so that the user can listen to it.
Edit: I would want a ready made flash player which has this functionality. Ideally something like the yahoo media player which can be embedded easily
I want to have flex portlets side by side with JSP portlets. How can we implement the authentication mechanism? [ Authentication will be handled by the portal and how can we share the same session with flex portlets ]
I am developing an application in Adobe Flex. This application is to be hosted on a Joomla Website. I want to achieve Single Sign On between my Joomla website and this Flex Application. The Users log in using the default Joomla Mechanisms however I want the username as well as some other details about the user inside my Flex Application.
Some background: I have a Flex app embedded in an HTML page and am using Flex to send a soap request to my Java backend that does some authentication depending on the username and password entered in the Flex form. If I enter the correct login everything works fine and the Flex app can continue making further requests. But with an incorrect username/password, an "Authentication Required" dialog box pops up in my Browser and my Flex app won't respond with its proper handler until I click cancel. I'd like to get rid of the dialog box somehow,
How would one create a video or audio stream using OSMF when there must be basic authentication on the url?Can one feed in Audio/Video using HTTPService to provide the header authentication?
We have a situation where a web application within an intranet requires windows authentication. This way employees of the company can login to their desktops and have automatic access to the web application and also be identified automatically without having to login because Windowns Authentication takes care of that. The problem is that we've added a Flex module to the web application. The web application comes up fine and authenticates the user can then navigate to the page where we have the Flex application. Which loads fine. The problem is that the Flex application also needs to communicate with the same server about this user but this communication is not working and is prompting the user for a password. Even if the correct user/pass is entered it fails and the Flex application can't talk to the server which requires Windows authentication.
Our expectations was the since the IE browser housing the flex application was already authenticated that all communication from the Flex app would also carry with it the necessary information to enable it to access the server without authentication.
In AIR on Mac, when I send login creds to a service and they're incorrect, AIR displays a native popup window to try logging in again without dispatching an error event. Twitter provides a header (suppress_response_codes=true), which returns any error as a status 200 with the error message. I'm using HTTPService to connect to a service without a header like this. Are there any properties or headers I can send to avoid this popup?
I have flex client application with php as a server and i want to implements domain user and password authentication. I'm sending the user and the password from the flex client through httpservice to php script and the php script authenticate the user and the password with the domain But! I want to encrypt the user's password in flex and to decrypt it in the php. I have the as3crypto.swc module for the flex but I don't find any way to decrypt it in the php. So, how can I do that and If this is not the right way to do that how can I do that?
I want to call web service which has basic authentication.once url get authenticated then want to call particular service example xyz() which takes 2 parameter and return a flag .
I have a flex app that allows the user to upload a file.The flex side uses the FileReference.upload method that goes to an .aspx page that handles the upload. It works only intermittently when I have IIS set to integrated windows authentication.That said, for testing purposes,I wrote a separate aspx page that does a file upload and this always works.I'd like to leverage the file import,though, within the nice looking flex app and not kick off a new webpage for a file upload.In looking at the IIS logs I have a hypothesis as to what's happening, and want to know if someone has full understanding as to why it may only intermittently work and can confirm or deny this: Flex' FileReference upload guts does whatever it does on the client then initiates a POST request to my .aspx page.On the times it failes, the IIS logs state that IE didn't pass the credentials so denies the request then sends a 401 response.
I don't get this 401 response on the flex side even though I'm listening for HTTP status codes (flash bug?).A new request is somehow immediately made to perform the upload again (it's not my code). I'm inferring this by looking at the IIS lgos which shows a second POST right after the previous one, only this time the user credentials are sent through, but the kicker is that the file the user uploaded is not uploaded this time. I infer this by the fact that the IIS logs show 0 bytes are posted, whereas the previous 401 request show a lot of bytes are POSTed.On the times it does work, what happens is that the first request for the HTTP POST the FileReference makes so happens to send the windows credentials along, so the client is not challenged.
I'm using Flex 4(beta2) with Ruby on Rails 2.3.5 and using RubyAMF to transfer data back and forth between Flex and server. set up Authlogic on the Rails side for authentication. wasn't sure what's the best method to handle user sessions. I know this is done automatically with Rails by sending session id with cookie which Rails use to authenticate the user.What do you suggest the best way to do this with Flex?I thought of couple of options:1. Manually fetching the cookie from the browser and then figuring our a way to send that to the server with every request I send. 2. Handling sessions expiration and flow on Flex side by manually expiring the session
I would like to launch a MapMouseEvent via a combination of keyboard short cuts and a mouse click. This is a portion of what I have, and I am not sure if the logic is correct:[code]I have looked at similar examples on this site but still have not reach any solution. I am hoping that someone who knows FLEX can help me to basically launch a function via a series of Keyboard shortcut. For example: Alt + mouse click, or Shift + mouseclick, or something along those lines. The reason is that a simple mouse click already does something else on the screen.
I hope this is the right place to post this I am working on a flex project in AS3 (no mxml).. I unchecked the "Generate Html wrapper file" and when I compile for debug it works fine in my target deployment path (which is called WWW).
my problem is: if my document class is on the root of the sources folder, the generated SWF will be on the root of the Deployment folder (WWW/main.swf) .... but if my document class is inside a package like com.projectName.main.as for example, the generated swf file will be:
So I read through Kirupa's XML/Flash thumbnail gallery tutorial and have since modified some of its actionscripting to display my online design portfolio. How do I make it so that 'LAUNCH PROJECT' is a link? Here is the modified Actionscripting (I have one of each for the 3 sections):
Code: function loadXML(loaded) { if (loaded) { xmlNode = this.firstChild;[code]....
As you can see at the bottom of the actionscript, I added a gotoURL action, hoping that simply by making <launch> read <launch action="gotoURL" variables="http:url...> that it would become a link. I, however, have had no such luck. Perhaps I have to add something more. How do I make it so that <launch></launch> has the ability to link to an URL?
I have a set of RESTful web services. These services are protected on a Glassfish server by OpenSSO. When I attempt to call the RESTful services directly from a browser, OpenSSO intercepts the request, then forwards the request to the REST service once the user's credentials are authenticated. OpenSSO utilizes a session cookie on subsequent requests (until the session is invalidated) . I'm sure this piece is working correctly.We'd like to call these services from a Flex client. In order to enable PUT and DELETE operations, we set up BlazeDS to proxy the RESTful requests from the flex client to the REST service. When security to the RESTful services is disabled, this piece works great.
Now we're trying to secure the entire application. We've placed the Flex SWF into a war and deploy to Glassfish. We've placed security around this resource and when a user attempts to download the SWF (through an HTML link in the war), OpenSSO intercepts the request, then forwards to the application on successful authorization (just like it does for the RESTful web services).The problem is - the RESTful calls made by the Flex application (via BlazeDS) are failing. OpenSSO seems to be intercepting these requests as well and again asking for the users credentials. It doesn't seem the authentication cookies are being passed to (or maybe by) the BlazeDS proxy.
Are there any differences implementing Flex application security in a clustered Java environment (such as Oracle Application Server/OC4J or a JBoss cluster) vs a single application server environment? (And/or does it depend on the specific environment software?)
What considerations are there in a situation where you need to authenticate with LDAP (AD) and store user access information in a database (ex. USER table containing username + permissions/roles info)? Any differences between Blaze DS and Granite DS?
I have a flex app hosted on a windows server running IIS. That same server has some rest services that the app interacts with. The rest services have windows authentication so that their urls cannot be called without credentials. The flex app needs to be accessible to the public so its files are accessed by enabling anonymous access. The problem is of course that when the app tries to call the rest services the browser pops a dialog box asking for windows username and pass. I naively hoped that if I set the anonymous access on the flex site to use the credentials of a windows account that had permission to view the rest services that would resolve the matter. I hoped that IIS would see the browser used the proper creds to view the flex app and use those same creds to get the rest services. Wrong, that didn't work.
So is what I want impossible? I'd like to find a way to not force the user to enter windows creds, keep the rest services using windows authentication, and have the flex app able to access the rest urls. Any ideas? Am I missing something? Also, it may turn out that the flex app is running on http and the rest services must be called with https. Does that change your answer?