I appreciate the responses fellas. Olaf, sadly on mobile, even if you did use HTTPLoader to upload an authorization header, I don't believe there is anyway to display what is returned in a mobile WebView like StageWebView. But I certainly appreciate the idea. The ANE that I purchased only seems to load HTML from a given URL.
Erik, your idea sounds very intriguing to me, but I am so inexperienced in PHP and web development that I am not sure that I completely understand, so you may have to tell it to me like a child ;) Here is what I think that you are telling me: 1. Use HTTPLoader to create an Authorization Header and access a PHP file that I can use to make sure a user is authorized on my server, and in the return response, send back a URL to the actual page that I want to view. 2. Use the returned URL to load the page into StageWebView. Although this sounds like a fantastic idea to me on the surface, I don't understand how it would be secure. The page I want to display in my mobile app is what needs to be secure, but it also needs to be in a publicly available folder so that my users can access it. But I don't want anybody with a browser to be able to just browse to the public file and display its contents. So basically, I have a public file that I want my mobile users to be able to access, but I don't want anybody outside of the app to be able to access it. Thus the idea for Basic Authentication. My basic understanding of Apache is that my PHP file needs to be in a publicly accessible folder to be served by Apache, so even if I did use HTTPLoader to send a header to authenticate users and then return a URL to load the content, that content would be sitting right there in a public folder for anybody to browse to anyway. Unless of course, there is a way in Apache to serve up content from a non-public folder that I am completely unfamiliar with. I guess my question is, how do I hide the actual critical page from the public and get a URL to its location? I know I am missing something. I apologize for my inexperience in this area. -- Sent from: http://apache-flex-users.2333346.n4.nabble.com/
