Ask a Question related to Macromedia Flex General Discussion, Design and Development.
-
BillHeit #1
WebService custom authentication
I have a .NET web service that allows access to various levels of resources
(data) depending on what user logs into IIS using Basic authentication. In my
Flex application, which is not running on the same server as my web service, I
would like to have the user log in with a user name and password. Then pass
these credentials along to the .NET web service. I don't care if the flex app
itself is secure; it is only the web service that has sensitive data. I have
tried to use HttpService and WebService, both named and unnamed by assigning
the user's credentials using the setUsernamePassword and clearUsernamePassword
methods. It doesn't seem to work after the first use. Once the proxy connects
to the web service, it seems to keep the same connection credentials. See code
below. So is this a bug in Flex or is it by design? Does anyone know of a
better way to pass along the user's credentials? Or does anyone have a better
idea on how to do this? Thanks, Bill H Three Flex examples; unnamed
WebService, named WebService and an unnamed HttpService.
<?xml version="1.0" encoding="utf-8" ?>
<mx:Application xmlns:mx="http://www.macromedia.com/2003/mxml" width="50%"
height = "100%">
<mx:WebService wsdl="http://bheitstuman03/GBOS/ObjectService.asmx?WSDL"
id="myWebservice"
fault="handleFault(event)"
result="handleResult(event)"<mx:operation name="requestObjects" resultFormat="object">>
<mx:request>
<request>{txtRequestXML.text}</request>
</mx:request>
</mx:operation>
</mx:WebService>
<mx:VBox id="main">
<mx:Button id="btnSendWithAuth" label="Send With Authentication"
click="sendWithAuth()" />
<mx:Button id="btnSendWithInvalidAuth" label="Send With Invalid
Authentication" click="sendWithInvalidAuth()" />
<mx:Button id="btnSendWithoutAuth" label="Send Without Authentication"
click="sendWithoutAuth()" />
<mx:TextInput id="txtRequestXML" width="64" />
<mx:Tree id="resultHttpTree"
dataProvider="{myWebservice.requestObjects.result. requestObjectsResult.result.ob
jects}" width="426" height="91">
</mx:Tree>
</mx:VBox>
<mx:Script>
<![CDATA[
public function sendWithAuth():Void{
myWebservice.setUsernamePassword("testuser","Good2 Auth");
myWebservice.requestObjects.send();
}
public function sendWithInvalidAuth():Void{
myWebservice.setUsernamePassword("testuser","Bad2A uth");
myWebservice.requestObjects.send();
}
public function sendWithoutAuth():Void{
myWebservice.clearUsernamePassword();
myWebservice.requestObjects.send();
}
public function handleResult(event):Void{
alert("Service result returned event.")
}
public function handleFault(event):Void{
alert("Service fault returned event: " + event.fault.faultcode)
}
]]>
</mx:Script>
</mx:Application>
<?xml version="1.0" encoding="utf-8" ?>
<mx:Application xmlns:mx="http://www.macromedia.com/2003/mxml" width="50%"
height = "100%">
<mx:WebService serviceName="GBOSWebService"
id="myWebservice"
fault="handleFault(event)"
result="handleResult(event)"<mx:operation name="requestObjects" resultFormat="object">>
<mx:request>
<request>{txtRequestXML.text}</request>
</mx:request>
</mx:operation>
</mx:WebService>
<mx:VBox id="main">
<mx:Button id="btnSendWithAuth" label="Send With Authentication"
click="sendWithAuth()" />
<mx:Button id="btnSendWithInvalidAuth" label="Send With Invalid
Authentication" click="sendWithInvalidAuth()" />
<mx:Button id="btnSendWithoutAuth" label="Send Without Authentication"
click="sendWithoutAuth()" />
<mx:TextInput id="txtRequestXML" width="64" />
<mx:Tree id="resultHttpTree"
dataProvider="{myWebservice.requestObjects.result. requestObjectsResult.result.ob
jects}" width="426" height="91">
</mx:Tree>
</mx:VBox>
<mx:Script>
<![CDATA[
public function sendWithAuth():Void{
myWebservice.setUsernamePassword("testuser","Good2 Auth");
myWebservice.requestObjects.send();
}
public function sendWithInvalidAuth():Void{
myWebservice.setUsernamePassword("testuser","Bad2A uth");
myWebservice.requestObjects.send();
}
public function sendWithoutAuth():Void{
myWebservice.clearUsernamePassword();
myWebservice.requestObjects.send();
}
public function handleResult(event):Void{
alert("Service result returned event.")
}
public function handleFault(event):Void{
alert("Service fault returned event: " + event.fault.faultcode)
}
]]>
</mx:Script>
</mx:Application>
<?xml version="1.0" encoding="utf-8" ?>
<mx:Application xmlns:mx="http://www.macromedia.com/2003/mxml" width="50%"
height = "100%">
<mx:HTTPService id="myHttpService"
url = "http://bheitstuman03/GBOS/ObjectService.asmx/requestObjects"
fault="handleFault(event)"
result="handleResult(event)"
method="post"
contentType="application/x-www-form-urlencoded"
resultFormat="object" >
<mx:request>
<request>{txtRequestXML.text}</request>
</mx:request>
</mx:HTTPService>
<mx:VBox id="main">
<mx:Button id="btnSendWithAuth" label="Send With Authentication"
click="sendWithAuth()" />
<mx:Button id="btnSendWithInvalidAuth" label="Send With Invalid
Authentication" click="sendWithInvalidAuth()" />
<mx:Button id="btnSendWithoutAuth" label="Send Without Authentication"
click="sendWithoutAuth()" />
<mx:TextInput id="txtRequestXML" width="64" />
<mx:Tree id="resultHttpTree"
dataProvider="{myHttpService.result.result.objects }" width="426" height="91">
</mx:Tree>
</mx:VBox>
<mx:Script>
<![CDATA[
public function sendWithAuth():Void{
myHttpService.setUsernamePassword("testuser","Good 2Auth")
myHttpService.send()
}
public function sendWithInvalidAuth():Void{
myHttpService.setUsernamePassword("testuser","Bad2 Auth")
myHttpService.send()
}
public function sendWithoutAuth():Void{
myHttpService.clearUsernamePassword()
myHttpService.send()
}
public function handleResult(event):Void{
alert("Service result returned event.")
}
public function handleFault(event):Void{
alert("Service fault returned event: " + event.fault.faultcode)
}
]]>
</mx:Script>
</mx:Application>
BillHeit Guest
-
MSSQL2005 Endpoint (Webservice) Authentication
Hello, I am trying to fetch data from SQL Server 2005, bypassing IIS, SQL 2005 Endpoints require a username and password and don't support... -
WebService Authentication
Hi Experts, I have a ASP.Net application which consumes a ASP.Net WebService. In both these applications I have enabled Anonymous access and... -
windows authentication (webservice security)
I'm using a lan with domain server under win200, and, in the same network, but in an other machine, i've installed a webservice. This second server... -
ASP.NET Site/Webservice and Windows/Form authentication
Hi All I have an ASP.NET site which runs using Windows(NTLM) authentication over SSL. I have a webservice where a vendor is only able to call... -
Basic Authentication, WebService
I did the following to add http basic authentication for calling a webservice: chz11086.HelloAuthTestService service = new... -
Carson Hager #2 Re: WebService custom authentication
Have you tried this without using the proxy?
Carson
________________________________
Carson Hager
Cynergy Systems, Inc.
[url]http://www.cynergysystems.com[/url]
"BillHeit" <webforumsuser@macromedia.com> wrote in message
news:d08r67$elg$1@forums.macromedia.com...>I have a .NET web service that allows access to various levels of resources
> (data) depending on what user logs into IIS using Basic authentication.
> In my
> Flex application, which is not running on the same server as my web
> service, I
> would like to have the user log in with a user name and password. Then
> pass
> these credentials along to the .NET web service. I don't care if the flex
> app
> itself is secure; it is only the web service that has sensitive data. I
> have
> tried to use HttpService and WebService, both named and unnamed by
> assigning
> the user's credentials using the setUsernamePassword and
> clearUsernamePassword
> methods. It doesn't seem to work after the first use. Once the proxy
> connects
> to the web service, it seems to keep the same connection credentials. See
> code
> below. So is this a bug in Flex or is it by design? Does anyone know of
> a
> better way to pass along the user's credentials? Or does anyone have a
> better
> idea on how to do this? Thanks, Bill H Three Flex examples; unnamed
> WebService, named WebService and an unnamed HttpService.
>
> <?xml version="1.0" encoding="utf-8" ?>
> <mx:Application xmlns:mx="http://www.macromedia.com/2003/mxml" width="50%"
> height = "100%">
> <mx:WebService wsdl="http://bheitstuman03/GBOS/ObjectService.asmx?WSDL"
> id="myWebservice"
> fault="handleFault(event)"
> result="handleResult(event)"> <mx:operation name="requestObjects" resultFormat="object">> >
> <mx:request>
> <request>{txtRequestXML.text}</request>
> </mx:request>
> </mx:operation>
> </mx:WebService>
> <mx:VBox id="main">
> <mx:Button id="btnSendWithAuth" label="Send With Authentication"
> click="sendWithAuth()" />
> <mx:Button id="btnSendWithInvalidAuth" label="Send With Invalid
> Authentication" click="sendWithInvalidAuth()" />
> <mx:Button id="btnSendWithoutAuth" label="Send Without Authentication"
> click="sendWithoutAuth()" />
> <mx:TextInput id="txtRequestXML" width="64" />
> <mx:Tree id="resultHttpTree"
> dataProvider="{myWebservice.requestObjects.result. requestObjectsResult.result.ob
> jects}" width="426" height="91">
> </mx:Tree>
> </mx:VBox>
> <mx:Script>
> <![CDATA[
> public function sendWithAuth():Void{
> myWebservice.setUsernamePassword("testuser","Good2 Auth");
> myWebservice.requestObjects.send();
> }
> public function sendWithInvalidAuth():Void{
> myWebservice.setUsernamePassword("testuser","Bad2A uth");
> myWebservice.requestObjects.send();
> }
> public function sendWithoutAuth():Void{
> myWebservice.clearUsernamePassword();
> myWebservice.requestObjects.send();
> }
> public function handleResult(event):Void{
> alert("Service result returned event.")
> }
> public function handleFault(event):Void{
> alert("Service fault returned event: " + event.fault.faultcode)
> }
> ]]>
> </mx:Script>
> </mx:Application>
>
> <?xml version="1.0" encoding="utf-8" ?>
> <mx:Application xmlns:mx="http://www.macromedia.com/2003/mxml" width="50%"
> height = "100%">
> <mx:WebService serviceName="GBOSWebService"
> id="myWebservice"
> fault="handleFault(event)"
> result="handleResult(event)"> <mx:operation name="requestObjects" resultFormat="object">> >
> <mx:request>
> <request>{txtRequestXML.text}</request>
> </mx:request>
> </mx:operation>
> </mx:WebService>
> <mx:VBox id="main">
> <mx:Button id="btnSendWithAuth" label="Send With Authentication"
> click="sendWithAuth()" />
> <mx:Button id="btnSendWithInvalidAuth" label="Send With Invalid
> Authentication" click="sendWithInvalidAuth()" />
> <mx:Button id="btnSendWithoutAuth" label="Send Without Authentication"
> click="sendWithoutAuth()" />
> <mx:TextInput id="txtRequestXML" width="64" />
> <mx:Tree id="resultHttpTree"
> dataProvider="{myWebservice.requestObjects.result. requestObjectsResult.result.ob
> jects}" width="426" height="91">
> </mx:Tree>
> </mx:VBox>
> <mx:Script>
> <![CDATA[
> public function sendWithAuth():Void{
> myWebservice.setUsernamePassword("testuser","Good2 Auth");
> myWebservice.requestObjects.send();
> }
> public function sendWithInvalidAuth():Void{
> myWebservice.setUsernamePassword("testuser","Bad2A uth");
> myWebservice.requestObjects.send();
> }
> public function sendWithoutAuth():Void{
> myWebservice.clearUsernamePassword();
> myWebservice.requestObjects.send();
> }
> public function handleResult(event):Void{
> alert("Service result returned event.")
> }
> public function handleFault(event):Void{
> alert("Service fault returned event: " + event.fault.faultcode)
> }
> ]]>
> </mx:Script>
> </mx:Application>
>
> <?xml version="1.0" encoding="utf-8" ?>
> <mx:Application xmlns:mx="http://www.macromedia.com/2003/mxml" width="50%"
> height = "100%">
> <mx:HTTPService id="myHttpService"
> url = "http://bheitstuman03/GBOS/ObjectService.asmx/requestObjects"
> fault="handleFault(event)"
> result="handleResult(event)"
> method="post"
> contentType="application/x-www-form-urlencoded"
> resultFormat="object" >
> <mx:request>
> <request>{txtRequestXML.text}</request>
> </mx:request>
> </mx:HTTPService>
> <mx:VBox id="main">
> <mx:Button id="btnSendWithAuth" label="Send With Authentication"
> click="sendWithAuth()" />
> <mx:Button id="btnSendWithInvalidAuth" label="Send With Invalid
> Authentication" click="sendWithInvalidAuth()" />
> <mx:Button id="btnSendWithoutAuth" label="Send Without Authentication"
> click="sendWithoutAuth()" />
> <mx:TextInput id="txtRequestXML" width="64" />
> <mx:Tree id="resultHttpTree"
> dataProvider="{myHttpService.result.result.objects }" width="426"
> height="91">
> </mx:Tree>
> </mx:VBox>
> <mx:Script>
> <![CDATA[
> public function sendWithAuth():Void{
> myHttpService.setUsernamePassword("testuser","Good 2Auth")
> myHttpService.send()
> }
> public function sendWithInvalidAuth():Void{
> myHttpService.setUsernamePassword("testuser","Bad2 Auth")
> myHttpService.send()
> }
> public function sendWithoutAuth():Void{
> myHttpService.clearUsernamePassword()
> myHttpService.send()
> }
> public function handleResult(event):Void{
> alert("Service result returned event.")
> }
> public function handleFault(event):Void{
> alert("Service fault returned event: " + event.fault.faultcode)
> }
> ]]>
> </mx:Script>
> </mx:Application>
>
Carson Hager Guest
-
BillHeit #3 Re: WebService custom authentication
No, I have not tried it without using the proxy. It is my understanding that
you must use the proxy if the Web Service is not on the same domain as the Flex
Server (which is the case). Also, I would like to keep the proxy enabled for
better security. Bill
BillHeit Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
