1 Reply Latest reply on Aug 30, 2006 8:08 PM by peterent

    Security question

    Rendl Level 1
      I have a quick security question. I am new to the flash player and flex. I have written a login application that connects via PHP to MySQL to authenticate. PHP provides a success or failure message when the login HTTPService is called from the flash client. Is it unsafe to then store that success response on the client? Any better solutions?

        • 1. Re: Security question
          peterent Level 2
          In general you try not to pass secure information over the wire. Obviously you need to pass a user id and password from the client to the server for authentication. If your system is secure you'll probably want to use HTTPS and not HTTP. But sending back an "OK" is reasonable. You may even need to pass back something that activates or enables certain parts of the UI depending on the user's security level within your installation. That's normal, too.