Now I did mention that Flex says it REQUIRES RDS to be enabled in order
to use Flex data services.
This is only required to use the wizards in Flash Builder, just like
you need RDS to do things in CF Builder. Once your code is written,
you can deploy it to servers without RDS enabled.
Dave
Way back in the day I was told RDS was horribly insecure and I wrote it
off and never looked back.
Neither RDS nor the CF Administrator should be exposed to untrusted
clients. They're both password protected with no auditing of failed
authentication events.
Dave Watts, CTO, Fig Leaf Software
Dreamweaver aso needs RDS for a lot of its features, but RDS is not
supposedly to be installe don production servers.
If you run CF enterprise, then you can sandbox RDS access and give each user
their own login and limit what folders they have access to.
This is what I do on cfmldeveloper.com to
RDS in production is still a no-no. :-)
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
Short answer, how secure RDS is or isn't is really not the issue. What is
more important is that security fundamentals demand that you don't run
anything not completely necessary on production boxes. Your HTTP server is
necessary, remote access services (be it RDS or FTP or ...) are generally
not
Thanks Ben/Matt!
Now I did mention that Flex says it REQUIRES RDS to be enabled in order
to use Flex data services.
The only alternative I see is to call the CFCs as webservices instead of
as a Flex data service. Calling local webservices would have a tonne of
extra overhead.seems like the
I'm no Flex guru by any stretch, but I've never heard this one before (and
find it kinda hard to believe?)
Can anyone who has more Flex experience confirm this?
Mark
On Tue, Mar 1, 2011 at 7:25 AM, Bryan Stevenson
br...@electricedgesystems.com wrote:
Now I did mention that Flex says it
It doesn't.
Nic
Sent from my Verizon Wireless Phone
- Reply message -
From: Mark Mandel mark.man...@gmail.com
Date: Mon, Feb 28, 2011 6:27 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I'm no Flex guru by any stretch, but I've never heard this one before (and
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles/fcf_ataglance_flex_coldfusion.html
Seems to contradict you guys
I'd love a non-webservice and non-RDS enabled solution, but Adobe seems
to think RDS is the way?? I am in no way wanting to use RDS and not
disagreeing with
...and I've re-read the link I just posted and I may be confused about
the role of RDS in all this. It may only be required for CFC
introspection in Flex Builder 4.
I may very well have confused a bunch of articles that said RDS had to
be enabled.then landed on the Adobe page thinking I'd
Flash development.
Regards,
Andrew Scott
http://www.andyscott.id.au/
-Original Message-
From: Bryan Stevenson [mailto:br...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 11:03 AM
To: cf-talk
Subject: Re: How secure is RDS
OK then Nic/Mark
http://www.adobe.com/devnet
On Mon, Feb 28, 2011 at 7:02 PM, Bryan Stevenson
br...@electricedgesystems.com wrote:
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles/fcf_ataglance_flex_coldfusion.html
Seems to contradict you guys
I'd love a non-webservice and non-RDS enabled solution, but Adobe
, however
in development the Flash Builder might require RDS to do Flash development.
Regards,
Andrew Scott
http://www.andyscott.id.au/
-Original Message-
From: Bryan Stevenson [mailto:br...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 11:03 AM
To: cf-talk
Subject: Re: How secure
://www.andyscott.id.au/
-Original Message-
From: Bryan Stevenson [mailto:br...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 11:03 AM
To: cf-talk
Subject: Re: How secure is RDS
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles/fcf_ataglance_flex_coldfusion
Subject: Re: How secure is RDS
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles/fcf_ataglance_flex_coldfusion.
html
Seems to contradict you guys
I'd love a non-webservice and non-RDS enabled solution, but Adobe seems
to think RDS is the way?? I am in no way wanting
-talk
Subject: Re: How secure is RDS
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles/fcf_ataglance_flex_coldfusion.
html
Seems to contradict you guys
I'd love a non-webservice and non-RDS enabled solution, but Adobe
seems
to think RDS is the way?? I
://www.andyscott.id.au/
-Original Message-
From: Bryan Stevenson [mailto:br...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 11:03 AM
To: cf-talk
Subject: Re: How secure is RDS
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles
Oopsone last thing for now I think Nic
The article seems to perhaps be more about CF 9 and ORM than Flex and
CFis that a safe assumption?
I'm asking because I'm stuck on CF 8 for the time being and hoping to
avoid confusion between what I'm trying to do and what CF 9 can do ;-)
The article is about CF 9 ORM, but the pattern remains the same. The ORM
methods are generated in cf9, but in CF8 your objects would probably still
have the same accessor methods.
Nic
On 2/28/11 8:01 PM, Bryan Stevenson br...@electricedgesystems.com
wrote:
Oopsone last thing for now I
and it was the accessor stuff that lost me ;-)
In simple terms are you talking about a single CFC that all other CFC
calls pass-through? I've heard that called a facade, but whatever you
call it, it is a way of not requiring all CFCs to be of accessType
remote when using AJAX_CFC for
...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 12:50 PM
To: cf-talk
Subject: Re: How secure is RDS
and it was the accessor stuff that lost me ;-)
In simple terms are you talking about a single CFC that all other CFC
calls pass-
through? I've heard that called a facade
Most of my apps use multiple clients. I many times have a serviceProxy
and remotingProxy. At a real basic level the remotingProxy mirrors
whatever I need in the serviceProxy as remote methods. The service layer
can be RESTful (put/get/post/delete), as Andrew suggested, or can be
regular
22 matches
Mail list logo