Comments on: Flex and Flash RIA’s, Authentication, Sessions, Scalability

By: flexbee

flexbee — Mon, 01 Feb 2010 16:54:43 +0000

I guess, its a big performance hit not just becauz of the DB calls involved but also with the SSL for every request. There must be a better wrapper..!

By: Camille

Camille — Mon, 11 Jan 2010 21:26:28 +0000

Hi,

I’ve been searching for a good Login/Authentication outline using Flex and CF for a while, and yours is the best.

Could you please send some examples and/or a zip file.

Thanks.

By: Harshil

Harshil — Fri, 11 Dec 2009 03:05:41 +0000

Great Post.
I also have a requirement for role-based type requests. How would server make sure of the rights associated to that user?

The solution maybe to store both the key and Permission level associated with the user credentials. So all subsequent requests from the Flex Client app pass the key to the server, and server does 1) verfies the key 2) verifies the permission level to have access for the requested service.

Comments appreciated.

By: Eric

Eric — Sat, 14 Nov 2009 17:19:48 +0000

Didn’t think of that sulotion. Thanks!

By: Nash

Nash — Tue, 10 Nov 2009 10:17:04 +0000

Seems this approach will solve the session problem for flex ria application.

But at downside every request need to checked against database and database calls are always going to impact application response time and in case you have used encrpted key than it may take more time to get compared.

Probably, this solution will solve the problem but from performance point of view it needs some improvements.

My two cent thougts.

By: Derek Adams

Derek Adams — Wed, 07 Oct 2009 21:15:27 +0000

This is great if the flex app works within it self 100% of the time. Actually, the app my company has made uses this idea exactly.

But what if the user logs in to a web page, and then clicks a link to launch the flex app in the browser? How can the browser access the login information that the user has already entered? I’ve tried to store the values in a cookie just to pull them down into the flex app, but IE (really, a problem with IE?) recently added a restriction on cross domain cookies. This presents my problem.

Suggestions?

thanks :]

By: ashil

ashil — Sun, 04 Oct 2009 19:52:23 +0000

This is a very interresting problem. Your solution sounds fine, but is not detailed at all. How about role-base requests to the server? A user has, say, administrator priviledges. He sends requests with a valid key, but how the server knows about his rights? Maybe a type of key/role? I look forward to hearing more from you about this topic. I’m currently facing the same choices, and I didn’t find a lot of resources about it on the Net.

Cheers

By: abdul rahman

abdul rahman — Wed, 22 Jul 2009 09:18:54 +0000

Hi,
The solution provided was really good. Adding to Latesh, any solution to the above problem along with some code snippet would be welcomed and appreciated.
Thanks

By: Latesh

Latesh — Wed, 13 May 2009 15:59:08 +0000

Hi,
Thanks this blog is really usefull.but you have not mentioned any solution about first problem that server side session expires even if there is user active on flex client. Any solution of this problem would be great.

By: Tim McLeod

Tim McLeod — Fri, 06 Mar 2009 03:34:26 +0000

I’ll see if I can get an example posted soon. Thanks Wobagi.