I am trying to understand why we all keep trying to make this so
complex rather than taking advantage of the functionality that is
already in Flex and your container (JRun, Tomcat etc).  J2EE has a
reasonably simple model for handling authentication and access control
that alleviates the requirement to write your own login logic, to
write specific login remote objects, use custom authentication etc.  

Effectively you only need to do the following.

1) Secure specific URL patterns via settings in the web application's
deployment descriptor (web.xml).  I have in the past, and would now be
more than happy to show how to configure these.

2) Upon trying to load a secured URL pattern, the container will
"challenge" you by presenting a login screen.  We have developed these
screens in Flex.  Effectively you create a simple form with two input
fields named j_username and j_password.  You post those values to the
url /j_security_check.  Now the container handles all your authentication.

Once completed the container will provide you access to the secured
resource and will populate all the in-memory structures to completely
support runtime interrogation of the security context.

Flex integrates so well and so transparently with J2EE and its
security model it is foolish not to take advantage of that.

I dunno.... I'm an odd duck.  I like writing less code :)

-- 
Dave Wolf
Cynergy Systems, Inc.
Macromedia Flex Alliance Partner
http://www.cynergysystems.com

Email:  [EMAIL PROTECTED]
Office: 866-CYNERGY
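
Steps 1 and 2 of the message above, sketched as a deployment-descriptor fragment. This is an added example, not configuration from the original post; the URL pattern, role name and page paths are assumptions.

```xml
<!-- WEB-INF/web.xml fragment using the standard servlet security elements.
     Assumed for illustration: /secure/*, role "flexuser",
     /login.jsp and /login-error.jsp. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Secured Flex resources</web-resource-name>
    <!-- No <http-method> elements: the constraint then covers every
         HTTP method. Listing only GET and POST would leave the other
         methods unconstrained. -->
    <url-pattern>/secure/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <!-- Only authenticated users holding this role may load the pattern -->
    <role-name>flexuser</role-name>
  </auth-constraint>
  <user-data-constraint>
    <!-- Require HTTPS for requests matching the pattern above -->
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <!-- Page hosting the login form (HTML or a Flex form); it must POST
         j_username and j_password to j_security_check. Keep both pages
         outside the secured pattern so the challenge can be rendered. -->
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/login-error.jsp</form-error-page>
  </form-login-config>
</login-config>

<!-- Every role referenced in an auth-constraint is declared here -->
<security-role>
  <role-name>flexuser</role-name>
</security-role>
```

Once the container has authenticated the user this way, server-side code can read the security context through `request.getUserPrincipal()` and `request.isUserInRole("flexuser")`.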


--- In flexcoders@yahoogroups.com, "Dimitrios Gianninas"
<[EMAIL PROTECTED]> wrote:
>
> 
> Hi Allister,
> 
> Ok let me clear things up for you. We use WebLogic 8.1 around here,
> in Flex I present a login screen to the user where they enter their
> credentials. These credentials are passed to the server (using a
> RemoteObject - it is not secure, but only has one method doLogin() )
> where using a WebLogic API I authenticate the user, so WebLogic knows
> who he is and an HTTP session is created.
> 
> Then all the other RemoteObjects are locked down and when the
> session expires, I kick them back out to the login screen (where I
> wrote below "// do whatever you want here, its a free country"), all
> still in Flex.
> 
> Does this make more sense?
> 
> Dimitrios "Jimmy" Gianninas
> Optimal Payments
> 
> -----Original Message-----
> From: flexcoders@yahoogroups.com on behalf of allister_dickson
> Sent: Thu 3/2/2006 6:13 PM
> To: flexcoders@yahoogroups.com
> Subject: RE: [flexcoders] Authentication with Macromedia Flex
>  
>  
> Hi Dimitrios,
>  
> From reading through your earlier posts I get the impression that you are
> using two methods to authenticate users. Initially, you authenticate the
> user using standard J2EE form based authentication. Then when using a
> service if you receive an authentication fault you use a flex popup window
> to re-authenticate. Is this correct?
>  
> Also, if you get a session time out do you resubmit the original service
> request after re-authentication? If so, what is the best way to generically
> resubmit the request?
>  
> Regards,
>  
> Allister
>  
> ----- Original Message ----- 
> From: Dimitrios Gianninas <mailto:[EMAIL PROTECTED]>  
> To: flexcoders@yahoogroups.com 
> Sent: Monday, October 10, 2005 12:59 AM
> Subject: RE: [flexcoders] Authentication with Macromedia Flex
> 
> I put the handling of the failed authentication directly in the
> Services.mxml... simple and works.
>  
> <mx:Script>
> function handleRemoteFault( event ):Void {
>     if( event.fault.faultcode == "Client.Authentication" ||
> event.fault.faultcode == "401" ) {
>         // do whatever you want here, its a free country
>     }
>     else {
>         event.call.faultHandler( event );
>     }
> }
> </mx:Script>
>  
>  
> Dimitrios "Jimmy" Gianninas
> RIA Developer
> Optimal Payments Inc.
>  
> 
>   _____  
> 
> From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On
> Behalf Of Douglas Knudsen
> Sent: Friday, October 07, 2005 9:53 AM
> To: flexcoders@yahoogroups.com
> Subject: Re: [flexcoders] Authentication with Macromedia Flex
> 
> 
> so, I got auth working using the approach you mentioned
> 
> CallbackHandler handler = new SimpleCallbackHandler( userName, password );
> Subject subject = Authentication.login( handler );
> ServletAuthentication.runAs( subject, httpRequest );
> 
> slightly different looking under JRun of course.  Now, I'm horribly stuck
> on getting the roles of the user after logging in.  I have set up Roles
> under the JMC, JRun's instance manager.  I tested it all with BASIC auth, so
> I know the authentication and authorisation are working.  I've been working
> all week on getting the roles for the user after authenticating and can't
> find squat of an example.  Any hints perhaps?
> 
> On a similar note...  Using service.setUserNamePassword() in Flex I know it
> will authenticate a user, does it also authorise the user by gathering up
> the roles defined in the container's JAAS config?
> 
> 
> and one more concerning Cairngorm....  to use service.setUserNamePassword()
> effectively, it appears you would need to modify the onfault event of a
> service in services.mxml file to check for a failed authentication.  If not
> here then every command using the service would need this check, eh?  What
> other way can this be done possibly?  Create an AuthCommand abstract class to
> extend or something?
> 
> DK
> 
> 
> On 10/7/05, Dimitrios Gianninas <[EMAIL PROTECTED]>
> wrote: 
> 
> Ah yes about accessing the session, I read that article as well. I plan to
> change this in the future, just haven't gotten there yet.
> 
>  
> Dimitrios "Jimmy" Gianninas
> RIA Developer
> Optimal Payments Inc.
>  
> 
>   _____  
> 
> From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On
> Behalf Of Douglas Knudsen
> Sent: Thursday, October 06, 2005 3:54 PM 
> 
> To: flexcoders@yahoogroups.com
> Subject: Re: [flexcoders] Authentication with Macromedia Flex
> 
> 
> 
> http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=9636f34e&pss=rss_flex_9636f34e
> there.
> 
> Thanks for the hint about using JAAS via CallBackHandler, etc in the other
> thread...I have not got it working 100% on JRun yet...but still banging away
> at it.
> 
> DK
> 
> 
> On 9/26/05, Dimitrios Gianninas <[EMAIL PROTECTED]>
> wrote: 
> 
> Where did you hear that it was not the approach to take? We have it working
> this way for one of our projects.
>  
> Yes, when you use source="servlet", you must configure the source attribute
> in the remote-objects section of the flex-config.xml. You have to set it to
> the name of your context. So if your web application context is
> "localhost:8080/batman", then you must set:
>  
> <source>batman</source>
>  
> or for no security at all (don't do this in production):
>  
> <source>*</source>
> 
>  
> Dimitrios "Jimmy" Gianninas
> RIA Developer
> Optimal Payments Inc.
>  
> 
>   _____  
> 
> From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On
> Behalf Of Douglas Knudsen
> Sent: Sunday, September 25, 2005 9:51 PM
> To: flexcoders@yahoogroups.com 
> Subject: Re: [flexcoders] Authentication with Macromedia Flex
> 
> 
> 
> I was under the impression this was not the approach to take in 1.5.  IIRC,
> when messing with source="servlet" I had to add some info to the
> flex.config file.  Can you comment on this?  Just curious as there seems to
> be so many ways to do this.
> 
> DK
> 
> 
> On 9/24/05, Dimitrios Gianninas <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]> > wrote: 
> 
> Ok here is how to do this.
>  
> Basically you will have a login.jsp page that will authenticate the user
> using FORM authentication. Once the user has logged in successfully, then
> you must retrieve the user information from your DB and save it to the
> session, this might look something like this:
>  
> UserVO user = userAdmin.getUser( userName );
> session.setAttribute( "user", user );
>  
> Now that the user object is in the session, once the Flex app loads, you can
> retrieve it from the session and make use of it as you please. First you
> must declare a RO that will connect with the current session:
>  
> <mx:RemoteObject id="sessionSvlt" source="servlet"
>     result="handleSessionResult( event.result )"
>     fault="handleSessionFault( event )"
>     showBusyCursor="true" />
> 
> And then you get the object from the session like so:
> 
> sessionSvlt.session( "get", "user" ); 
>  
> Dimitrios "Jimmy" Gianninas
> RIA Developer
> Optimal Payments Inc.
>  
> 
>   _____  
> 
> From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On
> Behalf Of jagabcdeff
> Sent: Friday, September 23, 2005 7:08 AM
> To: flexcoders@yahoogroups.com
> Subject: [flexcoders] Authentication with Macromedia Flex
> 
> 
> 
> Hi all,
> 
> I am working on a small application.
> 
> The flow is like Macromedia Flex<->Spring<->Hibernate<->DB using JBoss
> Server.
> Now I have to use JAAS in this application.
> 
> Please guide me on how to do authentication when a user logs in with a username
> and password.
> 
> 
> 
> Thanks & Regards,
> Jagan
> 
> 
> 
> 
> 
> 
> 
> 
> --
> Flexcoders Mailing List
> FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
> <http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt> 
> Search Archives:
http://www.mail-archive.com/flexcoders%40yahoogroups.com 
> 
> 
> 
> 
> -- 
> Douglas Knudsen
> http://www.cubicleman.com
> this is my signature, like it? 
> 





