![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
I'm making a Flash/AIR app (it will operate on the persons local machine, instead of through a browser) that will integrate with some server-side code. The client basically needs to login, and retrieve data from the server for that client only. Simple stuff.
But, how do I do that securely? The client will need to enter the username/password, send that to the server. Server will need to respond appropriately, either sending the data or not depending if the credentials are correct. Then throughout the application, the client needs to do more transactions with the server. Does it need to send the username/password each time, or just a user id? How do I keep that stored locally and send it to the server?
I'm not looking for specific code, just an overall method.
But, how do I do that securely? The client will need to enter the username/password, send that to the server. Server will need to respond appropriately, either sending the data or not depending if the credentials are correct. Then throughout the application, the client needs to do more transactions with the server. Does it need to send the username/password each time, or just a user id? How do I keep that stored locally and send it to the server?
I'm not looking for specific code, just an overall method.