You don't need frames to view this website. Flash communication server. Flash mx xml socket server.
Home
Main Menu
Home
- - - - - - -
What is Palabre ?
Features
News
FAQ
Forum
DEMO
- - - - - - -
Downloads !
Browse SVN
- - - - - - -
Search
Contact Us
- - - - - - -
Sourceforge Project Page
Python
Links




 
Download Palabre Flash Xml Socket Server DOWNLOAD Download Palabre Flash Xml Socket Server FORUM Download Palabre Flash Xml Socket Server FAQ Download Palabre Flash Xml Socket Server WHAT IS IT
 



Using Palabre ? Coming here for Support ? Please consider making an (even small) donation :)
Palabre Forum  


Post a new message in "Default Forum"
Name:
Subject:
topic icon:
no
boardcode:
 Colour:  Size:   Close all tags
Message:
CAPTCHA: How much is 5 added to 1

Topic History of: Collected Documentation
Max. showing the last posts - (Last post first)
Author Message
Cyprien Hello,



Crypt the entire conversation is (i think) not really usefull.

But for identification i think you can do something like that.

(If flash allow that)



load_var(httpS://www.example.com/login, user, pass)



and this securised page wills end you something like

UNIQUE_IDENT_ID

you will send this ident to palabre for identification like

connect login="toto" pass="unique-ident-id"



palabre will check in ident_table if

login=xx and unique_ident_id=yy



and then (why not) delete this record from database.

Like that, if someone listen your palabre conversation, he can't log-in with your unique-ident-id because it can be used only one time.



You will have secure authentification, and next a plain conversation, without using ressource for crypting/decrypt, etc...



If flash can't load https page with load_var you can put your application into a https page, that will show after a traditionnal login page (php/python (django)/etc...) with flash_application and a variable that containt login, room_to_connect (why not) and unique_ident_id





I was doing things like that for my project.

Authentification in php, and next an ID that link to this authentification in database.
chromecow D'oh!



Nuked my link. Let me try again without the explicit link:



http://crypto.hurlant.com/




http://crypto.hurlant.com/demo/
chromecow Found something that looks very promising, AS3 only:



Active link containing JavaScript has been removed automatically
chromecow I'll look around and see what I can find.
admin Hi,

Yes the passwords are sent in plain text (such as your FTP, POP Email, ... passwords :p )



I thought about an SSL connection but I don't know how to handle it on the client side (flash socket) ?



Any leads ?
chromecow A couple of resources for SSL:



Mailing List Thread about SSL in Python



www.openssl.org



And this looks promising:



M2Crypto

Simpleboard Forum Component 1.1.0 Stable
Two Shoes Mambo Factory