A–C
D–H
I–Z
Developer services
Project centers
Community resources
- Adobe Cookbooks (share code)
- CSS Advisor (browser bug fixes)
- Exchanges (share components)
- Adobe Labs
- Adobe Open Source
- Forums
- RSS feeds
- Bug base
- User groups
- Adobe Community Experts (ACE)
- Developer events
Integration
Product documentation
Downloads
Samples
Training and books
- Online training
- Classroom training
- Certification
- Adobe Developer Library
- Adobe Press
- Safari Books Online
Newsletters
Blogs
Archives
ADC program
Additional resources
Table of Contents
- Introduction
- Overview
- Flex client API
- Authentication handling
- Authorization handling
- Forms authentication
A Flex and .NET security primer
Overview
Role-based security is the most common method for restricting access to the application resources. Both Flex and .NET provide flexible infrastructures and APIs for accepting and processing user credentials. The Flex client is responsible for gathering user credentials and passing them to the server for further authentication. As a result, it is the .NET developer responsibility to implement security measures on the server-side.
Figure 1 below reviews the process of authenticating a user and granting access to an application resource (service):
Figure 1. Process of authenticating a user and granting access to an application resource (service)
It is important to note that the .NET framework in combination with IIS natively supports many of the concepts described in this article. However, the usage of WebORB as a gateway between the Flex clients and .NET back-end applications significantly simplifies the task of securing application resources.
What is WebORB?
If you are getting started with Flex and .NET integration, chances are you heard something about WebORB. If not, it is a product by Midnight Coders designed to simplify integration between Flex, Flash, and AJAX clients and various back-end environments. Specifically in the context of this article, I refer to WebORB for .NET—an implementation capable of processing Flex remoting requests and dispatching them to .NET objects in the form of method invocations.. WebORB implements the AMF3 protocol and provides a rich framework for publishing and exposing .NET classes as Flex remoting services.
