RE: [flexcoders] Re: creditcard dashboard - for Alistair

[Steven Webster]

Craig,
 
On page 576 of the book, the RemoteObject service is 
defined as an unnamed service (using the source="") tag,
which I will presume to be what you have in yoru 
code.
 
You have placed the service in your whitelist 
(double-check, I presume this is under the remote-objects node) 
as
both an unnamed and named service, so you probably expect 
either named/unnamed services to both work.
 
However, in your named service block you have <allow-unnamed-access>false</allow-unnamed-access> 

 
This means that even though you are (I imagine, unless you 
have changed the code from p 576) accessing
the RemoteObject as an unnamed service, your flex-config is 
prohibiting that for this very service.
 
Make sense ?
 
If this isn't your issue, then perhaps you could post the 
error message you are receiving ... in 
gateway-config.xml you can turn on a little more debugging 
of events over the wire as well.  Your
original email suggested that "...the book doesn't seem to 
explain or give examples for the whitelist..."
which is why I pointed you in my last response to the 
appropriate sections in the book where the
whitelist is explained, and examples given.  The more 
specific you can specify the problem you
are having, and the error messages you are receiving, the 
more specific our responses can be.
 
I hope that the above helps you find the source of your 
problem.
 
Kindest Regards,
 
Steven
 
 

  
  
  From: flexcoders@yahoogroups.com 
  [mailto:[EMAIL PROTECTED] On Behalf Of Craig 
  NewrothSent: 29 April 2005 17:27To: 
  flexcoders@yahoogroups.comSubject: RE: [flexcoders] Re: creditcard 
  dashboard - for Alistair
  
  Dear MR. WEBSTER:
  READ pages that you mention, and READ chapter 21, and I DO UNDERSTAND the 
  concepts of the whitelist VERY well, and I DO have a CLEAR understanding of 
  the mentioned concepts.
  Rather than make a smart assed comment like "...it's probably worth 
  making sure you've got a clear understanding of the concepts covered in the 
  relevant and preceeding chapters...." or "...and then make sure you 
  understand why that's a woefully insecure way of achieving your short term 
  goal of getting the code to work...." and (my favorite), "...if you 
  still don'tunderstand the concept of the whitelist,..."
  you could offer a better answer...MY SHORT TERM GOAL IS NOT TO MAKE YOUR 
  CODE WORK, but to see it in action so that I can better understand WHY it is 
  working the way it does and to see if your concepts mentioned in your book can 
  be of use in my own development.
       If that is your understanding of my questions, 
  then please don't answer...I'll figure it out on my own. You have NO idea of 
  how I have my system configured, or where I have placed 'your' code in 
  relation to my install, so making your statements the way you did is just 
  ludicrous. AND I resent your implication(s) that I don't UNDERSTAND 
  the concept of what I am doing! BTW...here is what I have in the 
  whitelist and it still don't work smart guy! oh, wait, I forgot, 
  don't answer me!
  <whitelist>            
  <!-- whitelist config for unnamed objects 
  -->            
  <unnamed>    <source>com.bng.flex.remoteObject.*</source>    <source>com.iterationtwo.boe.business.ApplicationDelegate</source>    <source>com.iterationtwo.boe.business.CreditCardDelegate</source>    <source>com.iterationtwo.boe.business.Responder</source>    <source>*</source>                
  <!--                
  For security, the whitelist is locked down by 
  default.                
  Uncomment the source element below to enable access to all 
  classes,                
  or add the individual URLs you wish to 
  access.                
  We strongly recommend not allowing access to all source 
  files                
  in production, since this exposes Java and Flex system 
  classes.                
  <source>*</source>                
  -->            
  </unnamed>            
  <!-- whitelist config for named objects 
  -->   <named>    <object 
  name="ApplicationDelegate">    <source>com.iterationtwo.boe.business.ApplicationDelegate</source>    <type>stateless-class</type>    <allow-unnamed-access>false</allow-unnamed-access>    <use-custom-authentication>false</use-custom-authentication>    </object>   </named>







Yahoo! Groups Links

To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/ 
To unsubscribe from this group, send an email to:[EMAIL PROTECTED] 
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.










--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.10.4 - Release Date: 27/04/2005