Alright, so here is the real problem. FileReference.upload never shares session/cookies/headers/(all the stuff we can't set) with the browser or other requests made from Flash. This is a huge problem. How are we supposed to manage a secure server environment when the security issues on the client tie our hands? I have tried every trick in the book to get this to work and frankly I don't see any compelling reason to continue using Flex if we can't have a bit more control over server communication.
--- In flexcoders@yahoogroups.com, "Matt Chotin" <[EMAIL PROTECTED]> wrote: > > There are restrictions on what headers can be set. Check the docs here > to make sure you're OK: > http://livedocs.adobe.com/flex/201/langref/flash/net/URLRequestHeader.ht > ml > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of Paul DeCoursey > Sent: Monday, March 26, 2007 10:12 AM > To: flexcoders@yahoogroups.com > Subject: [flexcoders] URLRequest.requestHeaders > > > > Has anyone used this? I am having a lot of trouble getting requests > to actually send those headers to the server. I'm curious if anyone > else has had experience with them. My problem is I cannot > authenticate to our remote servers. Some of the servers use Basic > Authentication and some use SOAP headers. I have been able to get it > to work by getting the session id from SOAP and passing that as to the > services that used basic. I had to turn off basic auth and just fail > the request if there is not a valid session. Problem now is I have no > session on this other server and need to get one created, but I cannot > authenticate because there are no soap handlers and Flash cannot be > basic without prompting the user. So I was looking at sending some > authentication tokens as headers with the requests, but they are not > arriving at the server. > > Paul >
