First of all, thank you for you suggestions. This module doesn't imply a user login. It's a tool available to everyone that let's the visitor fill a form, and at the end the module will offer a list of services depending on the data provided. You could easily ask: "so, if the module is publicly accessible, why wouldn't the web-service be also available if both provide the same data?". The question here is that, among other things, the client doesn't want other providers to use it's service.
Having the key hard-coded on the client application, even if encrypted, wouldn't solve nothing since with a man on the middle attack it would be possible to get the key and replicate it. I will read some documentation about public key infrastructures, and i guess i will find easily a teorical solution from what i recall from what i've learned on university. But what i need to know is if Adobe Flex has tools (on the SDK, or others available as open-source) to help us solve this kind of problems. And also, if there is some documentation or examples available on the internet around this subject for the flash platform. Thanks, João Saleiro http://wwww.riapt.pt http://www.webfuel.pt
