My guess is that the Flex server is caching the credentials somewhere when using the proxy server. I'm not sure if this is a bug or just that it is not designed to be used this way.
Anyway, I have not gotten a solution from this forum or the Flex forum on Macromedia's site so I have changed my strategy. I am using anonymous or a sigle fixed loggin to IIS and then authenticating the user through parameters pass into the web method. It seems to work pretty well. Bill --- In [email protected], "mshireygmail" <[EMAIL PROTECTED]> wrote: > > I also need help with this. I need to know how to make flex server > kill the session with the endpoint. This is a pretty major problem > for my application. > > -- Matthew > > --- In [email protected], "billheit" <[EMAIL PROTECTED]> wrote: > > > > I am not sure if this is a bug or if I am misunderstanding how the > > flex HttpService proxy works. But unless I re-start the Flex > > Server, the Flex proxy remembers the authentication credentials even > > when the browser has been closed and re-opened. > > > > Can someone help me with this? > > > > Bill > > > > --- In [email protected], "billheit" <[EMAIL PROTECTED]> wrote: > > > > > > > > > I have sessionState turned off on my .NET web service. When I > > test > > > my web service directly through IE, it requires me to login each > > > time I re-open the browser. > > > > > > When I access the web service through Flex HttpService, it does > > not > > > make me login if I close and re-open the browser. > > > > > > I also found that if I re-start the Flex server, then I am > > required > > > to login again. Are you sure the Flex server is not caching the > > > credentials or session somehow? > > > > > > Bill > > > > > > > > > --- In [email protected], "Jeff Steiner" <[EMAIL PROTECTED]> > > wrote: > > > > Bill, > > > > > > > > The issue is not with a cache but rather with the session and > > how > > > it is > > > > handled. Your browser is attached to the session at more the > > > machine level. > > > > If your session is still active it allows you through as > > trusted. > > > Check > > > > that the session of the webservice is not lasting longer than to > > > load your > > > > browser. That will force the user to login the next time they > > > open a > > > > browser. > > > > > > > > Jeff > > > > http://www.flexauthority.com > > > > ----- Original Message ----- > > > > From: "billheit" <[EMAIL PROTECTED]> > > > > To: <[email protected]> > > > > Sent: Friday, February 25, 2005 6:37 PM > > > > Subject: [flexcoders] User Credentials Cache > > > > > > > > > > > > > > > > > > > > > > > I have a .NET Web Service running on IIS with Basic > > > authentication. > > > > > In flex, I have a HttpService configured to request data from > > my > > > web > > > > > service. On a button click I call the HttpService.send() and > > > set an > > > > > event to handle the result. > > > > > > > > > > When I run this Flex app on my IE browser, I get a security > > login > > > > > dialog and so I enter my user name and password. I am granted > > > > > access to the web service and I see my data. All seems to be > > > > > working fine. > > > > > > > > > > However, when I close the browser and re-open it, I am not > > > prompted > > > > > with the security login again and my application acts as if I > > am > > > > > already logged in. Even if I clear the cache on my browser, it > > > > > still acts as it I am logged in. > > > > > > > > > > So I am wondering where my credentials are being cached. Is > > > there a > > > > > cache duration setting somewhere? How I can clear it? If the > > > user > > > > > closes the browser and re-opens the app, I want them to log > > back > > > in. > > > > > > > > > > Thanks, > > > > > > > > > > Bill > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Yahoo! Groups Links > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
