Andrew, are you using flex or flash? with the new flex beta 3, im
noticing in the flex-enterprise-services.xml file, which specifies the
coldfusion gateway, a key that says, and I quote:
<!-- allow "public and remote" or just "remote" methods to be invoked -->
<method-access-level>remote</method-access-level>
this is pretty damn cool. This would solve your problem, no? just
change that to public and you would be set...
On 5/9/06, Andrew Stevens <[EMAIL PROTECTED]> wrote:
Yeah it's a damn shame, I'm not sure it should even be called a 'gateway',
why they have to be on the web root is unclear to me.
Thanks Tom, you've confirmed my concerns. Someone's going to have to do some
rework... hopefully not me...
Cheers.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Tom Chiverton
Sent: Tuesday, 9 May 2006 9:37 PM
To: [email protected]
Subject: Re: [CFCDev] Securing remote CFCs
>>> On Tue, May 9, 2006 at 12:07 PM, in message
<[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> - Do these CFCs have to be accessible from the 'web root'?
Yes, otherwise CF complains it can't find them, which is a shame.
The actual worker objects can be in your normal non-web accessible CFC
folders.
> - And if so, doesn't this also (unavoidably) 'expose' these CFCs
as
> Web Services?
AFAIK, yeah :-(
You can lock down the URL in your web server, and you probably want to bolt
on some sort of username/password/license check *anyway* though, right ?
Tom Chiverton
****************************************************
This email is sent for and on behalf of Halliwells LLP.
Halliwells LLP is a limited liability partnership registered in England and
Wales under registered number OC307980 whose registered office address is at
St James's Court Brown Street Manchester M2 2JF. A list of members is
available for inspection at the registered office. Any reference to a
partner in relation to Halliwells LLP means a member of Halliwells LLP.
Regulated by the Law Society.
CONFIDENTIALITY
This email is intended only for the use of the addressee named above and may
be confidential or legally privileged. If you are not the addressee you
must not read it and must not use any information contained in nor copy it
nor inform any person other than Halliwells LLP or the addressee of its
existence or contents. If you have received this email in error please
delete it and notify Halliwells LLP IT Department on 0870 365 8008.
For more information about Halliwells LLP visit www.halliwells.com.
We are pleased to announce that Halliwells LLP has been voted AIM Lawyer of
the Year at the 2005 Growth Company Awards
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to
[email protected] with the words 'unsubscribe cfcdev' as the subject of the
email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
(www.cfxhosting.com).
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to
[email protected] with the words 'unsubscribe cfcdev' as the subject of the
email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
(www.cfxhosting.com).
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
--
Ryan Guill
A Deep Blue
[EMAIL PROTECTED]
www.ryanguill.com
(270) 217.2399
got google talk? Chat me at [EMAIL PROTECTED]
The Coldfusion Open Application Library - COAL - http://coal.ryanguill.com
Use CF and SQL? Try qBrowser - http://www.ryanguill.com/docs/
www.ryanguill.com/
The Roman Empire: www.ryanguill.com/blog/
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email to
[email protected] with the words 'unsubscribe cfcdev' as the subject of the
email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting
(www.cfxhosting.com).
An archive of the CFCDev list is available at
www.mail-archive.com/[email protected]
