Hi Dimitrios,
I should have used a different wording, acknowledged. In any case, still
working through this and one of the factors that makes it more interesting is
that the target environment is clustered. Any persistent data (other than db)
would have to be kept in synch across the cluster so that all connected
machines are looking at the same stateful data.
What I'm leaning toward, as a result, is NOT to cluster my login management
functions - but to have a single server instance manage all login management
unless failover is needed.
But the original question still hangs - what's the best method to ensure a
particular set of credentials are only in use by only one person at any given
time. I can't imagine I'm the only person to look into this. All input
appreciated.
Jeff
-----Original Message-----
From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of
Dimitrios Gianninas
Sent: Friday, October 19, 2007 1:58 PM
To: [email protected]
Subject: RE: [flexcoders] Single Sign-On Strategies with LCDS
Hi Jeff,
I agree with Sam, that is not definition of Single Sign-On...whatever
your application server happens to be, perhaps you can look into their APIs and
see if they allow you to view who is logged in and the ability to terminate
someone session.
But in any case, any client logging in should get access to your
server-side collection, unless you are sending some parameters thru to the
server-side that cause your code to return nothing to the client?
Dimitrios Gianninas
RIA Developer and Team Lead
Optimal Payments Inc.
________________________________
From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of
Samuel R. Neff
Sent: Friday, October 19, 2007 12:11 PM
To: [email protected]
Subject: RE: [flexcoders] Single Sign-On Strategies with LCDS
Jeff,
I can't help with your specific problem, but have a general suggestion
related to requesting technical help and software discussions...
"Single Sign-On" has a specific meaning in software and is very
different
from what you're describing (it's related to one-time-authentication
allowing access to many systems). So it could be confusing to use terms
that have accepted meanings in non-standard ways.
More info on "Single Sign-On":
http://en.wikipedia.org/wiki/Single_sign_on
<http://en.wikipedia.org/wiki/Single_sign_on>
Best regards,
Sam
-------------------------------------------
We're Hiring! Seeking a passionate developer to join our team building
Flex
based products. Position is in the Washington D.C. metro area. If
interested
contact [EMAIL PROTECTED] <mailto:careers%40blinemedical.com>
-----Original Message-----
From: [email protected] <mailto:flexcoders%40yahoogroups.com>
[mailto:[email protected] <mailto:flexcoders%40yahoogroups.com> ] On
Behalf Of Battershall, Jeff
Sent: Friday, October 19, 2007 9:36 AM
To: [email protected] <mailto:flexcoders%40yahoogroups.com>
Subject: [flexcoders] Single Sign-On Strategies with LCDS
I'm trying to implement functionality to ensure that one set of
credentials can only be actively logged in once in my application.
The approach I am taking is to have a DataService that manages an
ArrayCollection of logged in users. When the user attempts to login and
successfully retrieves their userid from the db, an attempt is made to
add their user identity object to the managed collection. If a user
identity object with that id already exists in the collection, the
DataService throws an exception. The user will then be given the option
of kicking the other logged in client off, or not.
I'm having a heck of a time figuring out how to make this work -
particularly because I'm a newbie to FDS/FES/LCDS. All the time I have
been working with Flex (since 2004), it has been strictly on an RPC
basis.
The first thing I'm having trouble with is getting each client to be
bound to the same server-side data object. Every time I create a new
client instance, the fill method creates a new ArrayCollection. But
that's not exactly what I want. I want the user to get a reference to
an pre-existing ArrayCollection managed on the server-side. For the
life of me, so far, I haven't figured out how to get this to work.
Obviously there's something about managed data that I just don't get.
Any help appreciated!!!!!!!!!
Jeff Battershall
AVIS IMPORTANT
WARNING
Ce message électronique et ses pièces jointes peuvent contenir des
renseignements confidentiels, exclusifs ou légalement privilégiés destinés au
seul usage du destinataire visé. L'expéditeur original ne renonce à aucun
privilège ou à aucun autre droit si le présent message a été transmis
involontairement ou s'il est retransmis sans son autorisation. Si vous n'êtes
pas le destinataire visé du présent message ou si vous l'avez reçu par erreur,
veuillez cesser immédiatement de le lire et le supprimer, ainsi que toutes ses
pièces jointes, de votre système. La lecture, la distribution, la copie ou tout
autre usage du présent message ou de ses pièces jointes par des personnes
autres que le destinataire visé ne sont pas autorisés et pourraient être
illégaux. Si vous avez reçu ce courrier électronique par erreur, veuillez en
aviser l'expéditeur.
This electronic message and its attachments may contain confidential,
proprietary or legally privileged information, which is solely for the use of
the intended recipient. No privilege or other rights are waived by any
unintended transmission or unauthorized retransmission of this message. If you
are not the intended recipient of this message, or if you have received it in
error, you should immediately stop reading this message and delete it and all
attachments from your system. The reading, distribution, copying or other use
of this message or its attachments by unintended recipients is unauthorized and
may be unlawful. If you have received this e-mail in error, please notify the
sender.
