There are a number of ways to secure this, if it was me as cffunction can be tied to accept a username and password as an attribute. Then you can make sure that you flash is the one using it, to complete this make the connection with a secured (Https) connection and it would mean that it is hard to use. However I wouldn't store the username and password in the flash file!
-----Original Message----- From: Chris Kief [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 25 June 2002 10:21 AM To: CF-Talk Subject: Flash Remoting & Security I was hoping someone could shed a little light on an issue that I've been pondering a bit lately... When setting the access parameter of a cffunction to "remote" (which is necessary for a Flash client to access the function), doesn't this also allow others to call that function as a web service (like another server)? Does this mean that your web service is now publicly available? Or does it have to be registered in the CFMX admin panel before others are allowed access? I want to make sure that access to the function or component is restricted to only the flash client that is served from my server. Any clarifications are greatly appreciated, chris ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
