I’d like to display live-stream content to users based on their permission levels.
The permissions are set in an ASP.NET MVC web application, And if the user is not authenticated and authorized, he/she should not be able to view the stream even if they have the swf address directly.
Is there any way that I can inform my flash project about current user’s permission levels that cannot be tampered in client-side, and decide how to react in flash project?
P.S. Unfortunately, silverlight is not an option for me unless it’s impossible in flash.
This is a bit speculative, and might have been better as a comment, but I wanted to include a couple of long links. I’ll delete if it turns out to be wildly wrong:
Can’t you just let the MVC authorization framework take care of this, by returning the stream content via code which is protected with a Principal Permission attribute, or with
Web.Configrole-based protection on the folder? Any request from the Flash player within a browser ought to include the current Asp.Net encrypted cookie, so I think you can just let the browser take care of this.