Hi,
What are you using to protect your services ?
I want that the first time a user access one of the service
(RemoteObjects in my case), he will be redirected to a custom login
form. This form will send authentication data to a class that will
validate these informations against our database.
I don't know how to do that :
- Basic authentication cannot be used because of the custom form and the
custom authenticator
- Custom authentication can maybe be used. As I understand, for the
custom form this is OK, but the authenticator validate against the
server authentication mechanism (e.g. the tomcat-users.xml for Tomcat)
and not my database. I saw some things about LoginCommand java interface
but it is not clear.
- Use a totaly custom authentication mechanism with a server generated
token returned to the client on login. After that, for each call the
client send the token and the server revalidate it.
Have someone already implemented something similar ?
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/flexcoders/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
