The MethodInterceptor should do the trick, just wrap ALL your methods that need security in it.
A security framework baked into CS! That would be suuuuupppppeeerrrrrr nice and where a security framework should be I think. ________________________________ John Allen Interactive Technical Director | Creative Studio Ogilvy Public Relations Worldwide Phone: 202-729-4130 ________________________________ From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Scott Sent: Friday, January 05, 2007 10:24 PM To: [email protected] Subject: [coldspring-dev] Securing Remote Proxy Beans You can also weave in security through method interceptors (AOP based). I have some preliminary stuff in ColdSpring that I hope to release soon as a security framework that you can use to plug into your own services, but time is my enemy... There are some blog posts out there though Chris Scott [EMAIL PROTECTED] http://cdscott.blogspot.com/ http://www.coldspringframework.org/ On Jan 5, 2007, at 6:08 PM, Scott Arbeitman wrote: You can secure them by Basic Auth using an Application.cfc, and implementing the onRequestStart. ~~ Scott On 06/01/2007, at 5:06 AM, Derek Perez wrote: Hey everyone, I am messing with coldspring and creating an application that is going to make use of the remote proxy beans, but I am slightly worried about having exposed remote services that aren't secured in any way. I know this is somewhat the "nature" of webservices, but if I want to return semi-sensative data via a service (for ajax calls or something) I wish I could have some sort of authentication in place. I really would prefer to stay away from the built in roles controls of CFC's and more towards a signature form of authentication or something...but I digress. So, I was just curious, what do you guys do in these situations? How do you secure your remote proxy beans, if at all? Thanks! - Derek -- Derek Perez [EMAIL PROTECTED]
image001.gif
Description: image001.gif
