Bingo maybe ? http://static.springframework.org/spring-ws/docs/1.0-m3/reference/html/ch04s04.html
Dan Rossi wrote: > Just found an example here but its a soap service using WS4J is there a > soap impl in spring already ? So a php dynamic script is able to securly > do a soap request to obtain a token. > > http://www.vorburger.ch/blog1/2006/10/propagating-acegis-security-context-in.html > > This is waay over my head but exactly how a security system may work I > think. > > Dan Rossi wrote: > >> nomIad wrote: >> >> >>> Hi Dan, >>> >>> Ive written the tutorial your according to. >>> Ive not used this on a clustered machine, but thats not that bad. >>> >>> There is a possibility to share sessions in Database. Its quite fast >>> an reduntant secure. >>> >>> On our cluster we run PHP, but we have NO clustered sessions. The >>> thing is that our loadbalancer distribute the clients in a same way >>> every time. So a client can make 1000 calls, they would all go on >>> Cluster 1. >>> Thats not redundant security, but for our needs its enough. >>> We dont need a REALLY HIGH AVAILABLE cluster for SESSIONS. >>> >>> >> Ok, well currently we get 10K vod hits a day on each server maybe more, >> and im not really sure on the third party streams in windows media yet >> which we are porting to flash. >> >> The problem with protecting windows media when i looked into it, its >> fairly advanced for developing a token based authentication plugin in C# >> using the API, but the API is poorly documented and minimal resources >> and building the config management for it requires VC++. Im needing to >> build something similar for red5. >> >> I found, something on a description on exactly what I may need. >> >> http://eirikhoem.wordpress.com/2007/05/24/ageci-token-vs-php/ >> >> IE its going to be impossible to store credential details within a >> client because the flash can be decompiled and sniffed. The only method >> I can come up with is using dynamic scripting which can connect to the >> AMF/RCP gateway, authenticate itself with credentials over ssl, obtain >> a token from acegi return the temporary token to the flash client which >> its also loading into the webpage, the flash client connects to red5, >> validates the token and returns a longer expiring session. If the >> session expires the validation happens again. >> >> Here was something I found about clustering acegi, however if red5 >> happens to get terracotta implemented we may not need this ? >> >> http://altuure.blogspot.com/2007/04/clustering-acegi.html >> >> I'm liking the idea of an embedded db like hibernate or whatever rather >> than sql. Ie a bit overkill to run Ms Sql or oracle, and i'm not fond >> running mysql on windows servers, as we use them on linux and freebsd. >> >> >> >> >> >>> cu nomIad >>> >>> Dan Rossi schrieb: >>> >>> >>>> Dan Rossi wrote: >>>> >>>> >>>> >>>>> Hi I found this link >>>>> http://jira.red5.org/confluence/display/docs/Red5+and+Acegi+Security so >>>>> im trying to work out how to enable acegi security in our application. >>>>> >>>>> However we kind of need to auto authorize clients rather than ask for >>>>> logins. With this example how would it be possible to send some >>>>> information automatically, obtain a temporary session that the client is >>>>> validated then relogin to obtain a proper expiring session. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>> Looking a bit further it seems we may need the sessions shared across >>>> all 3 of the clustered machines. Is this what we need also to use with it ? >>>> >>>> http://www.ja-sig.org/products/cas/ >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> Red5 mailing list >>>> [email protected] >>>> http://osflash.org/mailman/listinfo/red5_osflash.org >>>> >>>> >>>> >>>> >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> Red5 mailing list >>> [email protected] >>> http://osflash.org/mailman/listinfo/red5_osflash.org >>> >>> >>> >> _______________________________________________ >> Red5 mailing list >> [email protected] >> http://osflash.org/mailman/listinfo/red5_osflash.org >> >> >> > > > _______________________________________________ > Red5 mailing list > [email protected] > http://osflash.org/mailman/listinfo/red5_osflash.org > > _______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
