| Building and Deploying Flex 2 Applications > Building and Deploying Overview > Applying Flex Security > Using RPC services | |||
|
|||
|
|||
|
|||
You can use the RPC services classes--RemoteObject, HTTPService, and WebService--not only to control access to the data that goes into an MXML page, but also to control the data and actions that flow out of it. You can also use service authentication to allow only certain users to perform certain actions. For example, if you have an application that allows employee data to be modified through a RemoteObject call, use RemoteObject authentication to make sure that only managers can change the employee data.
A service-based architecture makes it easy to implement several different security models for your Flex application. You can use programmatic security to limit access to services, or you can apply declarative security constraints to entire services.
Accessing RPC services with Flex tags such as the <mx:WebService> and <mx:HTTPService> tags is possible with and without Flex Data Services. However, if you are not running Flex Data Services, your Flex application's SWF file must connect to the service directly, which means that it can encounter security-based limitations. This section describes the security restraints applied to Flex applications when they access RPC services with and without Flex Data Services.
Flex 2.01
