My flex app (hosted in a .net environment) needs to access
some plain text, xml and swf assets stored in a subdirectory which
is protected by the 'Form Authentication' regime. Things went well
if the main app is located in the protected directory but I am
looking for a solution which allows the main app to be located in a
public accessible directory. So far the application still run but
failed to retrieve the assets from the protected directory. A
crossdomain.xml in the root didn't work but I'm not sure it was
being put in the wrong location or there were some other reasons.
Something crossed my mind was the allowDomain() method in the
Security class but not sure about its relevancy in my case. Looking
forward to hear some advices.