1 person found this helpful
Just I solved it by using BlazeDS few days ago.
But the nicest solution would be a native as3 solution and not based on browsers. There are some nice documentation about Windows Integrated Authentication (WIA) and nice solutions based on JAVA.
After seeing the Java source code, I would say that it would not be difficult porting that solution to AS3. What refrains me to do it is this post (the answer of Branden Hall):
Briefly, when you access to any system requiring Windows Integrated Authentication following happens:
1. Client sends any request to the server
2. Server rejects it (always) and it informs that you are against a system requiring NTLM authentication
3. Client sends Message Type 1 (host name and domain info).
4. Server sends a Message Type 2 (challenge/nonce).
5. Client sends a Message Type 3 (user credentials).
Messages are sent as http headers.
What this guy says is:
Flash can not send the keep-alive header and can not create persistent connections.
I think the first part is wrong, you can send any http header by using AS3, but not sure about the persistent connections. Alternatively, as3httclient project could be used to implement them, but it is build on top of as3 sockets and it seems a good solution only for AIR clients (Flash based apps would require start up a server on remote machines to allow Flash clients to communicate <- uggly).
I've not great expectations about Adobe's experts being involved, because I've read that Adobe's LCDS supports WIA, but BlazeDS not. And after studying (and solve) the problems of BlazeDS to support WIA, it's pretty obvious that supporting WIA was not a high priority goal for BlazeDS. Likely, after Flex and BlazeDS move to Apache, WIA support will be improved (I guess/hope).
Thanks for your reply Pablo. Unfortunately, I'm interacting with a 3rd party tool, so implementing something like BlazeDS isn't going to be an option for me (I don't think). I'm wondering if I'm helped by the fact that Flex Mobile is based on Air, and may make it somewhat easier. This seems like it would be a pretty standard thing, so I'm surprised it's not natively supported or at least a simple workaround.
I was finally able to solve this by using URLRequestDefaults.setLoginCredentialsForHost(host, user, password). The other part that was tripping me up for a long time was that when I passed my user name as domain\user, the \ was creating an escape character that was messing up the name. I changed it to domain\\user, and then it worked fine. I was able to pull data from a website on my iPad and authenticate using NTLM.