Good spot Ryan, although the app in question is Flash, that bit of info will be helpful in the near future ;) Very cool, thanks.
I guess Flash 8 can't use the Flex gateway... unless anyone thinks otherwise? Thanks. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ryan Guill Sent: Tuesday, 9 May 2006 11:09 PM To: [email protected] Subject: Re: [CFCDev] Securing remote CFCs Andrew, are you using flex or flash? with the new flex beta 3, im noticing in the flex-enterprise-services.xml file, which specifies the coldfusion gateway, a key that says, and I quote: <!-- allow "public and remote" or just "remote" methods to be invoked --> <method-access-level>remote</method-access-level> this is pretty damn cool. This would solve your problem, no? just change that to public and you would be set... On 5/9/06, Andrew Stevens <[EMAIL PROTECTED]> wrote: > Yeah it's a damn shame, I'm not sure it should even be called a 'gateway', > why they have to be on the web root is unclear to me. > > Thanks Tom, you've confirmed my concerns. Someone's going to have to do some > rework... hopefully not me... > > Cheers. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Tom Chiverton > Sent: Tuesday, 9 May 2006 9:37 PM > To: [email protected] > Subject: Re: [CFCDev] Securing remote CFCs > > >>> On Tue, May 9, 2006 at 12:07 PM, in message > <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote: > > - Do these CFCs have to be accessible from the 'web root'? > > Yes, otherwise CF complains it can't find them, which is a shame. > The actual worker objects can be in your normal non-web accessible CFC > folders. > > > - And if so, doesn't this also (unavoidably) 'expose' these CFCs > as > > Web Services? > > AFAIK, yeah :-( > You can lock down the URL in your web server, and you probably want to bolt > on some sort of username/password/license check *anyway* though, right ? > > > > Tom Chiverton > > > **************************************************** > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and > Wales under registered number OC307980 whose registered office address is at > St James's Court Brown Street Manchester M2 2JF. A list of members is > available for inspection at the registered office. Any reference to a > partner in relation to Halliwells LLP means a member of Halliwells LLP. > Regulated by the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may > be confidential or legally privileged. If you are not the addressee you > must not read it and must not use any information contained in nor copy it > nor inform any person other than Halliwells LLP or the addressee of its > existence or contents. If you have received this email in error please > delete it and notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > > We are pleased to announce that Halliwells LLP has been voted AIM Lawyer of > the Year at the 2005 Growth Company Awards > > > > ---------------------------------------------------------- > You are subscribed to cfcdev. To unsubscribe, send an email to > [email protected] with the words 'unsubscribe cfcdev' as the subject of the > email. > > CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting > (www.cfxhosting.com). > > An archive of the CFCDev list is available at > www.mail-archive.com/[email protected] > > > > > ---------------------------------------------------------- > You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. > > CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). > > An archive of the CFCDev list is available at www.mail-archive.com/[email protected] > > > -- Ryan Guill A Deep Blue [EMAIL PROTECTED] www.ryanguill.com (270) 217.2399 got google talk? Chat me at [EMAIL PROTECTED] The Coldfusion Open Application Library - COAL - http://coal.ryanguill.com Use CF and SQL? Try qBrowser - http://www.ryanguill.com/docs/ www.ryanguill.com/ The Roman Empire: www.ryanguill.com/blog/ ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected] ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
