if that's all your doing, then could you not expose an API specfic to the purpose and use a different protocol, for instance AMF via RPC for access from your flash client? If you are really only showing a form and presenting some choices this sounds like it could be a pretty trivial re-factoring of existing server code.
--- In [email protected], João <[EMAIL PROTECTED]> wrote: > > First of all, thank you for you suggestions. This module doesn't imply > a user login. It's a tool available to everyone that let's the visitor > fill a form, and at the end the module will offer a list of services > depending on the data provided. > You could easily ask: "so, if the module is publicly accessible, why > wouldn't the web-service be also available if both provide the same > data?". The question here is that, among other things, the client > doesn't want other providers to use it's service. > > Having the key hard-coded on the client application, even if > encrypted, wouldn't solve nothing since with a man on the middle > attack it would be possible to get the key and replicate it. > I will read some documentation about public key infrastructures, and i > guess i will find easily a teorical solution from what i recall from > what i've learned on university. But what i need to know is if Adobe > Flex has tools (on the SDK, or others available as open-source) to > help us solve this kind of problems. And also, if there is some > documentation or examples available on the internet around this > subject for the flash platform. > > Thanks, > > João Saleiro > > http://wwww.riapt.pt > http://www.webfuel.pt >
