On Tuesday, Feb 4, 2003, at 15:13 US/Pacific, Stacy Young wrote: > I'm curious, what's the difference, in respect to security, between > accessing Java objects thru the gateway in this scenario as opposed to > using the Remoting for Java gateway?
The default security policy for JRun's Flash gateway is much stricter than CFMX's (but because you can't call Java code, it doesn't create a security risk). If you enable calling Java code via the gateway in CFMX, you really need to look at the security policy file and modify it to ensure malicious users can't do things like call your ServiceFactory and shutdown your server! > For us it will be an either, or scenario...Either the gateway will be > used to hit Java applications OR CFMX...so the Java app would have it's > own security framework in place...as well as the CFMX apps... In which case you can call the J2EE Flash gateway using one context and the CFMX Flash gateway using a different context, as long as you install CFMX for J2EE in a named context root (i.e., not in the default "" context). Sean A Corfield -- Director, Architecture Web Technology Group -- Macromedia, Inc. tel: (415) 252-2287 -- cell: (415) 717-8473 aim/iChat: seancorfield -- http://www.macromedia.com An Architect's View -- http://www.macromedia.com/go/arch_blog ColdFusion MX and JRun 4 now available for Mac OS X! http://www.macromedia.com/go/cfmxosx ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
