Hi Dimitrios,
 
I should have used a different wording, acknowledged.  In any case, still 
working through this and one of the factors that makes it more interesting is 
that the target environment is clustered. Any persistent data (other than db) 
would have to be kept in synch across the cluster so that all connected 
machines are looking at the same stateful data.
 
What I'm leaning toward, as a result, is NOT to cluster my login management 
functions - but to have a single server instance manage all login management 
unless failover is needed.
 
But the original question still hangs - what's the best method to ensure a 
particular set of credentials are only in use by only one person at any given 
time. I can't imagine I'm the only person to look into this.  All input 
appreciated.
 
Jeff

        -----Original Message-----
        From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of 
Dimitrios Gianninas
        Sent: Friday, October 19, 2007 1:58 PM
        To: [email protected]
        Subject: RE: [flexcoders] Single Sign-On Strategies with LCDS
        
        
        Hi Jeff,
         
        I agree with Sam, that is not definition of Single Sign-On...whatever 
your application server happens to be, perhaps you can look into their APIs and 
see if they allow you to view who is logged in and the ability to terminate 
someone session. 
         
        But in any case, any client logging in should get access to your 
server-side collection, unless you are sending some parameters thru to the 
server-side that cause your code to return nothing to the client?
         
        Dimitrios Gianninas
        RIA Developer and Team Lead
        Optimal Payments Inc.
         

________________________________

        From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of 
Samuel R. Neff
        Sent: Friday, October 19, 2007 12:11 PM
        To: [email protected]
        Subject: RE: [flexcoders] Single Sign-On Strategies with LCDS
        
        

        Jeff,
        
        I can't help with your specific problem, but have a general suggestion
        related to requesting technical help and software discussions...
        
        "Single Sign-On" has a specific meaning in software and is very 
different
        from what you're describing (it's related to one-time-authentication
        allowing access to many systems). So it could be confusing to use terms
        that have accepted meanings in non-standard ways.
        
        More info on "Single Sign-On":
        
        http://en.wikipedia.org/wiki/Single_sign_on 
<http://en.wikipedia.org/wiki/Single_sign_on> 
        
        Best regards,
        
        Sam
        
        -------------------------------------------
        We're Hiring! Seeking a passionate developer to join our team building 
Flex
        based products. Position is in the Washington D.C. metro area. If 
interested
        contact [EMAIL PROTECTED] <mailto:careers%40blinemedical.com> 
        
        -----Original Message-----
        From: [email protected] <mailto:flexcoders%40yahoogroups.com>  
[mailto:[email protected] <mailto:flexcoders%40yahoogroups.com> ] On
        Behalf Of Battershall, Jeff
        Sent: Friday, October 19, 2007 9:36 AM
        To: [email protected] <mailto:flexcoders%40yahoogroups.com> 
        Subject: [flexcoders] Single Sign-On Strategies with LCDS
        
        I'm trying to implement functionality to ensure that one set of
        credentials can only be actively logged in once in my application. 
        
        The approach I am taking is to have a DataService that manages an
        ArrayCollection of logged in users. When the user attempts to login and
        successfully retrieves their userid from the db, an attempt is made to
        add their user identity object to the managed collection. If a user
        identity object with that id already exists in the collection, the
        DataService throws an exception. The user will then be given the option
        of kicking the other logged in client off, or not.
        
        I'm having a heck of a time figuring out how to make this work -
        particularly because I'm a newbie to FDS/FES/LCDS. All the time I have
        been working with Flex (since 2004), it has been strictly on an RPC
        basis. 
        
        The first thing I'm having trouble with is getting each client to be
        bound to the same server-side data object. Every time I create a new
        client instance, the fill method creates a new ArrayCollection. But
        that's not exactly what I want. I want the user to get a reference to
        an pre-existing ArrayCollection managed on the server-side. For the
        life of me, so far, I haven't figured out how to get this to work.
        Obviously there's something about managed data that I just don't get. 
        
        Any help appreciated!!!!!!!!!
        
        Jeff Battershall
        
        

AVIS IMPORTANT

WARNING

Ce message électronique et ses pièces jointes peuvent contenir des 
renseignements confidentiels, exclusifs ou légalement privilégiés destinés au 
seul usage du destinataire visé. L'expéditeur original ne renonce à aucun 
privilège ou à aucun autre droit si le présent message a été transmis 
involontairement ou s'il est retransmis sans son autorisation. Si vous n'êtes 
pas le destinataire visé du présent message ou si vous l'avez reçu par erreur, 
veuillez cesser immédiatement de le lire et le supprimer, ainsi que toutes ses 
pièces jointes, de votre système. La lecture, la distribution, la copie ou tout 
autre usage du présent message ou de ses pièces jointes par des personnes 
autres que le destinataire visé ne sont pas autorisés et pourraient être 
illégaux. Si vous avez reçu ce courrier électronique par erreur, veuillez en 
aviser l'expéditeur.

This electronic message and its attachments may contain confidential, 
proprietary or legally privileged information, which is solely for the use of 
the intended recipient. No privilege or other rights are waived by any 
unintended transmission or unauthorized retransmission of this message. If you 
are not the intended recipient of this message, or if you have received it in 
error, you should immediately stop reading this message and delete it and all 
attachments from your system. The reading, distribution, copying or other use 
of this message or its attachments by unintended recipients is unauthorized and 
may be unlawful. If you have received this e-mail in error, please notify the 
sender.

         

Reply via email to