| Flex 2 Developer's Guide > Data Access and Interconnectivity > Configuring Data Services > Securing destinations > Custom authentication | |||
|
|||
|
|||
|
|||
As an alternative to basic authentication, you can use custom authentication and create a custom login form in MXML to match the appearance of your application.
For custom authentication, Flex uses a custom login adapter, known as a login command, to check a user's credentials and log a principal into the application server. A login command must implement the flex.messaging.security.LoginCommand API. You can register multiple login commands in the <security> section of the Flex services configuration file. The server attribute of the login-command element is used to perform a partial match against the value returned by the servletConfig.getServletContext().getServerInfo() method. The server value must be a case-insensitive match of an initial substring of this value or the entire string.
Flex Data Services includes login command implementations for Adobe JRun, Apache Tomcat, Oracle Application Server, BEA WebLogic, and IBM WebSphere. Use the TomcatLoginCommand class for either Tomcat or JBoss. You should enable only one login command at a time; comment out all others.
The following example shows a login command configured for JRun:
<security>
...
<login-command class="flex.messaging.security.JRunLoginCommand"
server="JRun"/>
<!--
<login-command class="flex.messaging.security.TomcatLoginCommand"
server="Tomcat"/>
<login-command class="flex.messaging.security.OracleLoginCommand"
server="Oracle"/>
<login-command class="flex.messaging.security.WeblogicLoginCommand"
server="Weblogic"/>
<login-command class="flex.messaging.security.WebSphereLoginCommand"
server="WebSphere"/>
-->
...
</security>
You can use a login command without roles for custom authentication only. If you also want to use custom authorization, you must link the specified role references to roles that are defined in your application server's user store.
Flex 2.01
