A–C
D–H
I–Z
- Salesforce.com
- Security
- Scripting
- Software as a service wiki
- Spry framework for Ajax
- SVG
- SWF
- TIFF
- Video
- Web services
- XML
- XMP
Project centers
Community resources
- Flex cookbook (share code)
- CSS Advisor (browser bug fixes)
- Exchanges (share components)
- Adobe Labs
- Adobe Open Source
- Forums
- RSS feeds
- Bug base
- User group search
- About user groups
- Adobe Community Experts (ACE)
- Developer events
Product documentation
Downloads
Samples
Training and books
- Online training
- Classroom training
- Certification
- Adobe Developer Library
- Adobe Press
- Safari Books Online
Newsletters
Blogs
- MXNA (blog aggregator)
- Adobe blogs
Archives
ADC program
Additional resources
Flex Article
A Flex and .NET security primer
Mark Piller
mark@themidnightcoders.com
themidnightcoders.com
Table of Contents
- Introduction
- Overview
- Flex client API
- Authentication handling
- Authorization handling
- Forms authentication
Note: This article was created based on Flex 2. Minor changes in the description and code may be necessary before it can be applied to Flex 3.
Security is an essential attribute of any online application. Unrestricted access to the application services and resources may lead to data leaks, loss of sensitive information, and overall application instability. It is important to consider security requirements early in the application development life cycle. Application developers must answer the following questions:
- What system resources and services should be available publicly?
- What application data and functionality should be secured?
- How should the application secure access (role-based, by IP address, number of invocations per unit of time, and so forth.)?
- What security domain should the application use to store user information (ActiveDirectory, database, custom ACL list)?
This article gives an overview of the security mechanisms developers can use to address the questions above when using Flex, .NET, and WebORB.
One of my previous articles, Invoking .NET objects using the Flex RemoteObject API, describes how to invoke .NET methods from Flex. I recommended that you follow the steps in that article first, to ensure that your development environment is configured so that you can invoke .NET methods from Flex.
Requirements
Adobe Flex Builder 2.0.1
Microsoft Internet Information Services Server (version 5.x or later)
Microsoft .NET version 2.0 or later (installed on the system and integrated into IIS)
Visual Studio 2003 or 2005
WebORB for .NET version 3.2 or later
About the author
Mark Piller is the founder and Chief Architect of Midnight Coders, an innovative and forward-thinking company specializing in RIA integration technologies, professional services and training. Mark has over 15 years of software development experience. For the past five years he has been specializing in building software infrastructure products designed to integrate Flex, Flash, and AJAX applications with a variety of backend systems, including .NET, Java, PHP, and Ruby on Rails. Mark is very passionate about ease-of-use of software and prides himself in creating technologies that clearly demonstrate that quality.
