Comments on: Flex / AIR, PHP and user authentication http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/ Flex, AIR and Rock&Roll Fri, 21 Nov 2008 08:47:29 +0000 http://wordpress.org/?v=2.6.3 By: Mihai Corlan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1222 Mihai Corlan Tue, 11 Nov 2008 14:03:14 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1222 @Dejan I think the problem is with the certificate. If this is a certificate signed by Certificate Authority, it shouldn't ask every time. Otherwise, if you try the same thing but in the IE browser, I think will ask for permission each time. @Dejan
I think the problem is with the certificate. If this is a certificate signed by Certificate Authority, it shouldn’t ask every time. Otherwise, if you try the same thing but in the IE browser, I think will ask for permission each time.

]]> By: Dejan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1178 Dejan Thu, 06 Nov 2008 15:27:23 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1178 Hello, I've developed Flex Air application that consumes Web services on telephony server. I've added Authorization header to enable Basic http authentication; the problem I have is that "someone" (Flex Air engine?) asks for security certificate every time the Web service is invoked. I can't force the application to import the certificate (in "Security Alert" window it says "The import was successful", but next time when the service is invoked, it is the same story). The service returns valid result. Application written in C#, which consumes same Web service with same credentials and on same client workstation works fine. Any idea how to proceed? Thx, Dejan Hello,

I’ve developed Flex Air application that consumes Web services on telephony server. I’ve added Authorization header to enable Basic http authentication; the problem I have is that “someone” (Flex Air engine?) asks for security certificate every time the Web service is invoked. I can’t force the application to import the certificate (in “Security Alert” window it says “The import was successful”, but next time when the service is invoked, it is the same story). The service returns valid result.

Application written in C#, which consumes same Web service with same credentials and on same client workstation works fine.

Any idea how to proceed?

Thx,
Dejan

]]> By: Mihai Corlan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1156 Mihai Corlan Mon, 03 Nov 2008 10:15:02 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1156 @avidFlex >>1) Is it necessary to use the AsyncToken for user authentication? I am not sure I understood your question. If you use RemoteObject (with AMFPHP) you have just to register the listners for result to receive the answer from the call. >>2)What kind of data does AMFPHP pass back to Actionscript? Here is a resource to see the mapping between the ActionScript types and PHP: http://amfphp.org/docs/datatypes.html Take a look at my article on Flex and PHP with AMFPHP http://corlan.org/2008/10/10/flex-and-php-remoting-with-amfphp/ @avidFlex
>>1) Is it necessary to use the AsyncToken for user authentication?
I am not sure I understood your question. If you use RemoteObject (with AMFPHP) you have just to register the listners for result to receive the answer from the call.

>>2)What kind of data does AMFPHP pass back to Actionscript?
Here is a resource to see the mapping between the ActionScript types and PHP: http://amfphp.org/docs/datatypes.html

Take a look at my article on Flex and PHP with AMFPHP http://corlan.org/2008/10/10/flex-and-php-remoting-with-amfphp/

]]> By: avidFlex http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1155 avidFlex Mon, 03 Nov 2008 04:14:09 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1155 Hi there, Been trying to create a user authentication using Flex 3 and AMFPHP. What happens in my case is that the PHP function works in the service browser, but when i try to pass variables into the PHP function (using remote object), either the variables are not being passed in or the PHP function is not returning the variable i need for other checking purposes. Just a few questions after reading the tutorial: 1) Is it necessary to use the AsyncToken for user authentication? 2) What kind of data does AMFPHP pass back to Actionscript? Thanks in advance for the help. Hi there,

Been trying to create a user authentication using Flex 3 and AMFPHP. What happens in my case is that the PHP function works in the service browser, but when i try to pass variables into the PHP function (using remote object), either the variables are not being passed in or the PHP function is not returning the variable i need for other checking purposes.

Just a few questions after reading the tutorial:
1) Is it necessary to use the AsyncToken for user authentication?
2) What kind of data does AMFPHP pass back to Actionscript?

Thanks in advance for the help.

]]> By: Bookmarks about Air http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1001 Bookmarks about Air Thu, 11 Sep 2008 02:45:38 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-1001 [...] - bookmarked by 4 members originally found by septembersember on 2008-08-18 Flex / AIR, PHP and user authentication http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/ - bookmarked by 2 members [...] [...] - bookmarked by 4 members originally found by septembersember on 2008-08-18 Flex / AIR, PHP and user authentication http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/ - bookmarked by 2 members [...]

]]> By: Mihai Corlan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-908 Mihai Corlan Sat, 30 Aug 2008 20:08:07 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-908 @seme1 1. To import the project you need to have Flex Builder 3 2. Usually a token is a string of 32 chars or more. Each user must have an unique token, and many people are generating using a hash function such as MD5. @seme1
1. To import the project you need to have Flex Builder 3

2. Usually a token is a string of 32 chars or more. Each user must have an unique token, and many people are generating using a hash function such as MD5.

]]> By: seme1 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-907 seme1 Sat, 30 Aug 2008 09:24:05 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-907 I am using only HTML/Javascript to develop my AIR application. I was unable to get your project imported in Aptana. I am trying to understand how to save tokens with AIR. Are they simply string variables ? In the server-side code,, does each user have a different token? What's the best approach for generating tokens ? I am using only HTML/Javascript to develop my AIR application. I was unable to get your project imported in Aptana.

I am trying to understand how to save tokens with AIR. Are they simply string variables ? In the server-side code,, does each user have a different token? What’s the best approach for generating tokens ?

]]> By: Mihai Corlan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-790 Mihai Corlan Fri, 15 Aug 2008 19:26:44 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-790 Yes, they can decompile and see the buttons they shouldn't, but they cannot use it. As I explained in my post, when the client make a request to the server, the server knows (based on session or token) what user / credentials made the request. If the method is outside of the user rol, it is discarded. Yes, they can decompile and see the buttons they shouldn’t, but they cannot use it. As I explained in my post, when the client make a request to the server, the server knows (based on session or token) what user / credentials made the request. If the method is outside of the user rol, it is discarded.

]]> By: TVPDan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-789 TVPDan Fri, 15 Aug 2008 15:06:00 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-789 By that method though, if someone took the SWF file and decompiled it, wouldn't they see items that they could use maliciously? By that method though, if someone took the SWF file and decompiled it, wouldn’t they see items that they could use maliciously?

]]> By: Mihai Corlan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-788 Mihai Corlan Fri, 15 Aug 2008 08:24:17 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-788 One way is to set the visible property to "false" on the UI Components you want to hide. Another way is to use mx:states to define one state for each rol. One way is to set the visible property to “false” on the UI Components you want to hide.

Another way is to use mx:states to define one state for each rol.

]]> By: TVPDan http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-787 TVPDan Fri, 15 Aug 2008 01:14:12 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-787 What would be the best method for showing certain Flex app elements based on user permissions in a DB (MySQL)? Say, admins can see a delete button and regular users cant, but can see everything else. Thanks, Dan What would be the best method for showing certain Flex app elements based on user permissions in a DB (MySQL)? Say, admins can see a delete button and regular users cant, but can see everything else.

Thanks,
Dan

]]> By: Flex / AIR, PHP and user authentication « Rich Internet Applications http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-631 Flex / AIR, PHP and user authentication « Rich Internet Applications Wed, 23 Jul 2008 10:42:46 +0000 http://corlan.org/2008/07/22/flex-air-php-and-user-authentication/#comment-631 [...] Source [...] [...] Source [...]

]]>