Is this a Flex app on a web page? I am not sure about an AIR project but
with Flex and webservices, you still have the benefit of cookies and
sessions. I am working a project that uses a standard web page login
that gets the user logged in and the session started. After that it
moves to the Flex app. The user doesn't have to log in again unless the
session expires which is determined by the server. Subsequent calls to
webservices maintain that information. I am using Django (Python) but it
should be similar for other backends.
Are your webservices within the same domain? If not, are you able to
pass a token for authentication?
Michael
Jeffry Houser wrote:
Yes, MD5 is a hashing algorithm and it is unlikely you'd be able to
take a hash and get the original text (in a timely / efficient manner).
There are a few AS3 encryption projects. ASCrypt3:
ascrypt3.riaforge.com and Crypto http://crypto.hurlant.com/
<http://crypto.hurlant.com/>
Both of them have 2-way encryption algorithms you could use. AES
perhaps? That said, I worry about the security implications of storing
this type of authentication between application uses.
rmarples wrote:
>
>
> Tracy - Isn't MD5 a hashing algorithm? Meaning I can only encrypt, not
> decrypt? I don't
> think this would work for this scenario would it?
>
> Ryan
>
> --- In flexcoders@yahoogroups.com
<mailto:flexcoders%40yahoogroups.com>
<mailto:flexcoders%40yahoogroups.com>,
> "Tracy Spratt" <[EMAIL PROTECTED]> wrote:
> >
> > There is an MD5 library available for AS3 that I have used.
> >
> >
> >
> > Tracy
> >
> >
> >
> > ________________________________
> >
> > From: flexcoders@yahoogroups.com
<mailto:flexcoders%40yahoogroups.com>
> <mailto:flexcoders%40yahoogroups.com>
[mailto:flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com>
> <mailto:flexcoders%40yahoogroups.com>] On
> > Behalf Of rmarples
> > Sent: Monday, December 03, 2007 4:59 PM
> > To: flexcoders@yahoogroups.com
<mailto:flexcoders%40yahoogroups.com>
<mailto:flexcoders%40yahoogroups.com>
> > Subject: [flexcoders] Local storage of password
> >
> >
> >
> > I have a requirement to take credentials used for an external web
> > service and cache them
> > locally so that the user need not re-type their password each time
they
> > run the app. I can
> > easily store these credentials in a SharedObject (cookie) but I don't
> > want to store the
> > password in plain-text here. Does anybody have any recommendations
on an
> > ecrypt/decrypt
> > mechanism I can use for this? Also I have a requirement that any key
> > used to encrypt can not
> > be stored in the source code as a string literal.
> >
> > Ryan
> >
>
>
--
Jeffry Houser, Technical Entrepreneur, Software Developer, Author,
Recording Engineer
AIM: Reboog711 | Phone: 1-203-379-0773
--
My Company: <http://www.dot-com-it.com <http://www.dot-com-it.com>>
My Podcast: <http://www.theflexshow.com <http://www.theflexshow.com>>
My Blog: <http://www.jeffryhouser.com <http://www.jeffryhouser.com>>
