Highly educational.

Thanks Brian.

On 5/18/05, Brian Deitte <[EMAIL PROTECTED]> wrote:
Instead of giving the information to you in the easiest language, I'm just going to try to give you a whole lot of information.  :)  I would first suggest looking at how J2EE security works.  The first place I can think of is here:
 
 
Although I'm sure there are other great tutorials around.  Next I would read this article, and not just because I wrote it:
 
 
This article could also be very helpful to the experienced J2EE developers and give them an idea of how Flex security works.  Lastly, I would try setting up the example in the article or the examples found in:
 
{flex.location}/resources/security/examples
 
Hope that helps, Brian
 

From: [email protected] [mailto:[email protected]] On Behalf Of Leif Wells
Sent: Tuesday, May 17, 2005 11:10 PM
To: [email protected]
Subject: [flexcoders] Explaining Flex Log In and User Role Functionality to Java Developers

Here's the deal. I have a client putting together a (fairly large) Flex application; actually the company that I work for is putting together the Flex portion and the client and another vendor are putting together the J2EE back-end.

So they come to me and say "How are we handling logging in a user. Are we using cookies?"

What we've done in the past with Flash (sorry. I know that's a dirty word here) is have the user log in and have the server pass back a user object that contains (among other things) a role. If the server doesn't pass the user object, then they get the login screen again. If the user is logged in, they see screens/forms per what level their role is set. The security on this new application is going to need to be a bit more strict.

My problem is this: I am NOT a full-time J2EE developer and the people who are asking these questions are very experienced J2EE developers. Every time I attempt to explain to them how we should handle user log in I apparently am not using the correct words. Can someone either point me to a document that explains how user log in would normally be handled with Flex in a J2EE environment? Or give it to me in easy-to-understand language so I can relieve these guys' (and my) stress? Is there a best practice for handling user login in a secure application?

Also, they threw me a curve today: "How do we handle it if a user's role is demoted or promoted in the middle of a session? Can we immediately change what they see on-screen? Or can we immediately have them log off?"  Any thoughts?


Leif
http://www.leifwells.com

