On Thu, Feb 14, 2008 at 4:48 PM, Stefan Richter <[EMAIL PROTECTED]> wrote:
> yeah I agree but it seems to be that way. Note that you need to enable > Remoting in the first place though in CF admin (it may be enabled by > default, I am not sure). Basically it can be turned off. And I think > you also need the crossdomain.xml in place which I have wide open > right now. It can be limited by domain. > > I find it very hard to find information on securing CFCs and Flex > apps. The next step in my project will involve securing the CFCs to > authorised/logged in users. I know I need to look at session > management but I'm still quite clueless as to what I need to do at > that front... There 's a bit of info out there on how folks do this. They key to keep in mind is RemoteObject calls run over HTTP. Since they are made from the browser housing your Flex SWF, these calls are really no different then a call to say myPage.cfm from the browser. These calls pass all cookies back and forth and all. So, your cfsessionid goes along for the ride. DK > > Cheers > > Stefan > > > > > On 14 Feb 2008, at 21:35, João_Fernandes wrote: > > > Stephan, > > > > this is weird because Adobe always spread the word to use > > access="remote" to have Flex clients invoking CFCs (trough remoting). > > If accessing public functions was a feature for remoting since it > > would > > invoke as local context, why would they put the access level in the > > first place? > > > > Also, it would be really bad that all public functions from all cfcs > > could be invoked trough remoting. > > -- > > > > João Fernandes > > > > http://www.onflexwithcf.org > > http://www.riapt.org > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/Flex/message.cfm/messageid:4943 Subscription: http://www.houseoffusion.com/groups/Flex/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.37
