0 Replies Latest reply on Oct 21, 2008 1:57 PM by Petr Cihelka

    Flex/Air Application Login - the best way

    Petr Cihelka
      I have small ideological problem :) I have login form in my application. So, each user has his own login and password. As serverside is used LCDS with secured destinations.

      And here are two possible approaches:
      1) I use server side auth. mechanism (Tomcat realm) to check users credentials. I have custom auth. class, which check user credentials. This works, but, i have some problems in logout operation and if user enter wrong username or password.

      2) Second way is this. I have only one user (which is hardcoded in app or loaded from config). This user is authenticated to server at the start (setCredentials() ). I need this, because all destinations are secured. And the "real user" is verified against the services that will bring the information if that user is verified or not.

      So, i don't know which approach is better. Now, using the first.

      What do You think about this ? Which way is the best ?