| Building and Deploying Flex 2 Applications > Building and Deploying Overview > Applying Flex Security > Introduction | |||
|
|||
|
|||
|
|||
Adobe Flash Player runs Flash applications (also referred to as SWF files). Flash content is delivered as a series of instructions in binary format to Flash Player over web protocols in the precisely described SWF (.swf) file format. The SWF files themselves are typically hosted on a server and then downloaded to, and displayed on, the client computer when requested. Most of the content consists of binary ActionScript instructions. ActionScript is the ECMA standards-based scripting language that Flash uses that features APIs designed to allow the creation and manipulation of client-side user interface elements and for working with data.
The Flex security model protects both client and the server. Consider the following two general aspects to security:
Flex supports working with the web application security of any J2EE application server. In addition, precompiled Flex applications can integrate with the authentication and authorization scheme of any underlying server technology to prevent users from accessing your applications. The Flex framework also includes several built-in security mechanisms that let you control access to web services, HTTP services, and server-based resources such as EJBs.
Flash Player runs inside a security sandbox that prevents the client from being hijacked by malicious application code.
Flex 2.01
