473,406 Members | 2,713 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > flash / actionscript > questions > problem accessing/redirecting url protected by digest authentication

Join Bytes to post your question to a community of 473,406 software developers and data experts.

Problem accessing/redirecting URL protected by digest authentication

Hi there, I appreciate any help on the following issue. I can't seem to find any other similar topic.

(CS4, ActionScript 3.0, Flash 10)

I have a SWF embedded within a page that is protected by digest authentication. To access this page, the browser asks for username/password. So far so good, the SWF works fine.

Now, within that SWF, the script uses URLLoader to POST to another URL on the same server (but a different path than the page).

My embedded server rejects the authentication. I have debugged the server (an embedded web server called GoAhead) and confirmed that the request contains the digest authentication information, (username, nonce, etc.) yet the server does not compute the same response data and thus rejects the request.

Strangely, the browser asks for a username/password after the first attempt and it re-sends the request to the server and again, the authentication is incorrect.

Then, I tried to just have that actionscript redirect to another URL that also has digest authentication protection. The request fails the same way.

This seems like a pretty normal thing to do within a script. Why can't the script access another protected page from within an already authenticated page? It sure sounds like a security sandbox issue but since it's not cross-site, there should be no problem, but it doesn't work. (If I remove the authentication from the pages in question, the SWF accesses the data without problem.)

Is there some magically security setting or other API call to allow the script to access another page protected by digest authentication? I must be missing something but I can't figure out what is missing.

Thanks again for any help.
Sep 18 '09 #1
0 2324

Sign in to post your reply or Sign up for a free account.

Similar topics

0
HttpWebRequest PreAuthenticate not working for Digest Authentication?
by: Wolfgang Meier | last post by:
I am using the following code to retrieve a document from my web server: HttpWebRequest req = (HttpWebRequest)WebRequest.Create("http://example.com/"); req.Method = "GET"; req.PreAuthenticate...
.NET Framework
11
Forms Authentication Problem
by: ElmoWatson | last post by:
I tried on the Security newgroup, as well as other places, and haven't gotten an answer yet - - I'm pulling my hair out over this one. I'm trying to get Forms Authentication working.....I can get...
ASP.NET
3
Forms authentication in a subfolder problem, please help
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be...
ASP.NET
2
Session problem....
by: Darren Clark | last post by:
I am having some troubles with Sessin varables dieing.. Basically ihave my own class structure called USER that once the user logs in i save it to a session var called Session = myUserObject; ...
ASP.NET
0
Server error on first try, but succeeds in subsequent tries (accessing files)?
by: Joergen Bech | last post by:
Fairly new to ASP.NET 1.1. Getting the error below when running application on a web server outside of my control, but only the first time I run it: 1. After a long period of inactivity (or...
ASP.NET
3
Problem With Froms Authentication. HELP
by: JMUApache | last post by:
Hi: I have got a problem with FromsAuthentication for many days. I use "Forms" Authentication in my ASP.NET Web Froms, and I find that I can't singout.... Some Code Here: //In my...
ASP.NET
2
problem with encryption function sending hex values
by: Fernando Barsoba | last post by:
Dear all, I have been posting about a problem trying to encrypt certain data using HMAC-SHA1 functions. I posted that my problem was solved, but unfortunately, I was being overly optimistic. I...
C / C++
1
authentication problem
by: abracad_1999 | last post by:
I have installed the open source PHP Deadlock authentication system. It uses .htpasswd and .htaccess files. This works well apart from it doesn't allow user logout without closing their browser....
PHP
1
Forms Authentication not Redirecting
by: Jeremy | last post by:
I have a web app that contains forms authentication to protect subdirectory called "admin" by denying anonymous users. When I request a protected resource in the admin directory I am presented with...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!