RE: [flexcoders] Re: Remote Object and Session ???????

Thu, 11 Sep 2008 07:43:36 -0700 

If you set the credentials for the remote object, post authentication, those 
will be passed with each request.  All you need to do is look for those 
credentials on the server side and log the user in and assign roles on the 
server in question.  Doing this in CF is trivial, it would depend on what 
middleware platform you're on. 
 
Jeff

        -----Original Message-----
        From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of 
Dimitrios Gianninas
        Sent: Thursday, September 11, 2008 9:21 AM
        To: [email protected]
        Subject: RE: [flexcoders] Re: Remote Object and Session ???????
        
        
        ok so you mean your Flex client beeds to communicate with 
http://abc.com and http://xyz.com? Both servers belong to you?
         
        Seems like you are going to have to keep info on who is logged in at 
the DB level so that both servers can access that same info and know that 
someone is logged in. Not sure if something like this already exists or not.
         
        Dimitrios Gianninas
        RIA Developer Team Lead
        Optimal Payments Inc.
         

________________________________

        From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of 
xmwang1982
        Sent: Wednesday, September 10, 2008 9:18 PM
        To: [email protected]
        Subject: [flexcoders] Re: Remote Object and Session ???????
        
        

        My case is not similar with you. Something I need is SSO in server side.
        
        I have a flex client, it may call remoting objects in different
        servers. These remoting services need the same authentication. So the
        SSO check is performed in server side.
        
        Becasue even the server, http request of remoting are different,
        normal cookie doesn't work here.
        
        If there is a way to set session variants before remoting call, the
        problem could be solved. But no idea so far...
        
        thanks.
        
        --- In [email protected] <mailto:flexcoders%40yahoogroups.com> 
, "Nate Beck" <[EMAIL PROTECTED]> wrote:
        >
        > We're using Oracle Access Management to do our single-sign on over 
here.
        > Using cookies as well, we set a domain cookie to ".domain.com", that
        way any
        > sub-domain will pass the cookie along to the server as well.
        > 
        > Cheers,
        > Nate
        > 
        > 2008/9/10 Dimitrios Gianninas <[EMAIL PROTECTED]>
        > 
        > > Why do you want to add things to your server-side session?
        > >
        > > You dont need to do that for single sign-on. We have been using
        single-sign
        > > on with our Flex apps on WebLogic 8.1SP3 for years now and it
        works like a
        > > charm. The only thing we have to do in WebLogic, is make sure that
        every web
        > > application is using the same cookie name on the weblogic.xml and
        it works.
        > > Don't know what app server you are using, but you should lookout for
        > > something similar.
        > >
        > > *Dimitrios Gianninas*
        > > *RIA Developer Team Lead*
        > > *Optimal Payments Inc.*
        > >
        > >
        > > ------------------------------
        > > *From:* [email protected] 
<mailto:flexcoders%40yahoogroups.com> 
        [mailto:[email protected] 
<mailto:flexcoders%40yahoogroups.com> ] *On
        > > Behalf Of *xmwang1982
        > > *Sent:* Wednesday, September 10, 2008 6:07 AM
        > > *To:* [email protected] 
<mailto:flexcoders%40yahoogroups.com> 
        > > *Subject:* [flexcoders] Remote Object and Session ???????
        > >
        > > Hi experts,
        > >
        > > How to add variables into the session of a remote object? Because, 
we
        > > can set channels to other servers in code. In order to do something
        > > like single sign on, I want to store something like session UUID 
into
        > > the session of HTTP connection of the remote object.
        > >
        > > Any idea? Thanks a lot.
        > >
        > > *AVIS IMPORTANT*
        > >
        > > *WARNING*
        > >
        > > Ce message électronique et ses pièces jointes peuvent contenir des
        > > renseignements confidentiels, exclusifs ou légalement privilégiés
        destinés
        > > au seul usage du destinataire vis. L'expéditeur original ne
        renonce  aucun
        > > privilège ou  aucun autre droit si le présent message a ét 
transmis
        > > involontairement ou s'il est retransmis sans son autorisation. Si 
vous
        > > n'êtes pas le destinataire vis du présent message ou si vous
        l'avez reçu
        > > par erreur, veuillez cesser immédiatement de le lire et le
        supprimer, ainsi
        > > que toutes ses pièces jointes, de votre système. La lecture, la
        > > distribution, la copie ou tout autre usage du présent message ou
        de ses
        > > pièces jointes par des personnes autres que le destinataire vis
        ne sont pas
        > > autorisés et pourraient être illégaux. Si vous avez reçu ce courrier
        > > électronique par erreur, veuillez en aviser l'expéditeur.
        > >
        > > This electronic message and its attachments may contain 
confidential,
        > > proprietary or legally privileged information, which is solely for
        the use
        > > of the intended recipient. No privilege or other rights are waived
        by any
        > > unintended transmission or unauthorized retransmission of this
        message. If
        > > you are not the intended recipient of this message, or if you have
        received
        > > it in error, you should immediately stop reading this message and
        delete it
        > > and all attachments from your system. The reading, distribution,
        copying or
        > > other use of this message or its attachments by unintended
        recipients is
        > > unauthorized and may be unlawful. If you have received this e-mail
        in error,
        > > please notify the sender.
        > > 
        > >
        >
        
        

AVIS IMPORTANT

WARNING

Ce message électronique et ses pièces jointes peuvent contenir des 
renseignements confidentiels, exclusifs ou légalement privilégiés destinés au 
seul usage du destinataire visé. L'expéditeur original ne renonce à aucun 
privilège ou à aucun autre droit si le présent message a été transmis 
involontairement ou s'il est retransmis sans son autorisation. Si vous n'êtes 
pas le destinataire visé du présent message ou si vous l'avez reçu par erreur, 
veuillez cesser immédiatement de le lire et le supprimer, ainsi que toutes ses 
pièces jointes, de votre système. La lecture, la distribution, la copie ou tout 
autre usage du présent message ou de ses pièces jointes par des personnes 
autres que le destinataire visé ne sont pas autorisés et pourraient être 
illégaux. Si vous avez reçu ce courrier électronique par erreur, veuillez en 
aviser l'expéditeur.

This electronic message and its attachments may contain confidential, 
proprietary or legally privileged information, which is solely for the use of 
the intended recipient. No privilege or other rights are waived by any 
unintended transmission or unauthorized retransmission of this message. If you 
are not the intended recipient of this message, or if you have received it in 
error, you should immediately stop reading this message and delete it and all 
attachments from your system. The reading, distribution, copying or other use 
of this message or its attachments by unintended recipients is unauthorized and 
may be unlawful. If you have received this e-mail in error, please notify the 
sender.

Reply via email to