Section 11.4. Securing Access

Protecting the server resources and the content that is shipped over the network is important to keeping unwanted intruders out of your application. When implementing a remoting method that requires the data to be secure, the best way to encrypt the data is to implement the remoting from the client to the server over an SSL connection. Since remote data that needs to be secure is typically personal information, this should be handled between a client application and an authenticating server, as described in Chapter 18. This can easily be done with a SWF running in the browser and connecting to the gateway with:

 https://www.yourserver.com/flashservices/gateway 

Protecting the remote methods on the server is also important. If you enable a remote method for public access, it is likely that those methods can be accessed from outside of your application. Fortunately, most remoting implementations provide a way to protect the methods with roles-based security. In ColdFusion, you can add the roles attribute to the method declaration (the <cffunction> tag) to restrict the access of the method to users who have been authenticated on the server and have been declared with the specific role:

 <cffunction name="remoteMethod" access="remote" roles="authenticatedUser">
     <!--- method body --->
 </cffunction>

By declaring the role on the method, you force the user to log into the server before he can access the method. This can be done in two ways. The first way is to implement the setCredentials( ) method on the client:

 #include "NetServices.as"
 // Gateway URL; use https:// here when the credentials must be protected in transit
 NetServices.setDefaultGatewayUrl("http://www.yourhost.com/flashservices/gateway");
 my_conn = NetServices.createGatewayConnection();
 // Adds a Credentials header to every AMF request sent over this connection
 my_conn.setCredentials("username", "password");

The setCredentials( ) method adds a Credentials header to the outbound AMF packet and forces the server to run its login routine. In ColdFusion, this routine is usually defined in the Application.cfm file within a <cflogin> tag. Inside the <cflogin> tag, you define the authentication mechanism that verifies the username and password passed in the Credentials header. Alternatively, you can create your own custom login routine by declaring a public method, not restricted with a roles attribute, that logs the user in with the <cfloginuser> tag.
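As an added example (not code from the book), here is the server side that the paragraph above describes: an Application.cfm whose <cflogin> block reads the Credentials header that setCredentials( ) sends, verifies it, and calls <cfloginuser> with the user's roles, followed by the CFC whose remote method is gated by the roles attribute. The datasource name, the users table and its columns are assumptions.

```cfml
<!--- Application.cfm: runs before every request, so this login check covers
      every remote CFC call. Constructed example; "appDSN", the "users" table
      and its columns are assumptions, not names from the book. --->
<cfapplication name="remotingDemo" sessionmanagement="true">

<cflogin>
    <!--- When the Flash client has called setCredentials(), ColdFusion fills
          the cflogin structure from the AMF Credentials header. Without it the
          structure is absent, nobody is logged in, and the roles-protected
          method below is refused. --->
    <cfif isDefined("cflogin")>
        <cfquery name="qUser" datasource="appDSN">
            SELECT username, passwordHash, roles
            FROM   users
            WHERE  username = <cfqueryparam value="#cflogin.name#"
                                            cfsqltype="cf_sql_varchar">
        </cfquery>

        <!--- Compare a stored hash, never a cleartext password, and only log
              the user in when exactly one row matches. hash() in ColdFusion MX
              is MD5; a salted, slow password hash is preferable where the
              platform offers one. --->
        <cfif qUser.recordCount EQ 1
              AND hash(cflogin.password) EQ qUser.passwordHash>
            <!--- roles is a comma-separated list, e.g. "authenticatedUser" --->
            <cfloginuser name="#qUser.username#"
                         password="#cflogin.password#"
                         roles="#qUser.roles#">
        </cfif>
    </cfif>
</cflogin>

<!--- remoting/Account.cfc (assumed file name): the method is reachable only
      by a caller whose <cfloginuser> roles include "authenticatedUser";
      any other caller receives a ColdFusion security exception instead of
      the method body. --->
<cfcomponent>
    <cffunction name="remoteMethod" access="remote" returntype="string"
                roles="authenticatedUser">
        <cfreturn "Hello, #getAuthUser()#">
    </cffunction>
</cfcomponent>
```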

If your FlashCom application relies heavily upon remoting and you absolutely need the FlashCom application server data to be secure, you can create your network so only the FlashCom Server can access the resources defined on the server. This will guarantee that only the FlashCom Server has access to the remote resources and they cannot be abused by an outside party. See Chapter 18 for more information on security.



Programming Flash Communication Server
ISBN: 0596005040
Year: 2003
Pages: 203