Copy link to clipboard
Copied
Hi,
I have a flex app which I would also now like to offer an Air client for. I don't want to create a new authentication system just for the Air app, I just want to use the cookie/session setup that I already have in place.
The cookies work and after logging in to the AIR app I can make subsequent requests without being asked to authenticate again, the problem is that the cookie seems to be deleted when the client is shut down, meaning that when I restart the air client I have to log in again which is obviously not acceptable for my users.
Is this expected behaviour in AIR and if so, what is the work around?
Cheers,
Chris
Copy link to clipboard
Copied
Bump
Copy link to clipboard
Copied
Hi Chris,
AIR uses the underlying operating system stack for managing cookies. As such, cookies can be shared between different AIR applications and with browsers that use OS stack (e.g. Internet Explorer on Windows).
From the official documentation as well as my experiments, cookies are preserved between application restarts.
I suspect the application uses session cookies for authentication -- these are meant to be cleared when the browser exits and for a good reason (mostly security). AIR clears session cookies when the application closes, unlike some browsers (e.g. Firefox) that don't always clear them.
From what I can tell, you have 2 choices here:
Hope this helps,
Mihai
Copy link to clipboard
Copied
HI Mihal,
Thanks for the response. I originally used Encrypted local store along with
remote object credentials but it clearly has issues on Linux as it would
randomly fail in around one in twenty requests, I stripped the code down to
bare bones and tested it on multiple Linux clients with all showing the same
results, although some were more frequent than others.
Okay, I'll just have to accept that if I'm to use AIR cross platform, then
the user will have to login every time they start the app.
Thanks,
Chris