OK, I am not using FDS or CFMX8 so I guess the config is all done in the services-config.xml file. The problem I have with that is the fact that we are talking about a client side compiler file which is supposed to control server side security... seems like an extremely flawed model!
Anyone who is compiling Flex applications with a local services- config.xml can control whether THEY want to access MY remote or public methods... that can't be right. The crossdomain.xml is certainly not a solution because of the ability to spoof DNS... So basically what this comes down to is that if I want to run my Flex2Gateway, every public method on my system is exposed to the world. Or am I missing something much larger... Thanks, Geoff --- In flexcoders@yahoogroups.com, "Derrick Anderson" <[EMAIL PROTECTED]> wrote: > > services-config.xml is the right file, i think remoting-config is for when > using LCDS but i'm not really sure on that, look for > > <method-access-level>remote</method-access-level> > > in your destination definition. > > On 10/26/07, geoffreymina <[EMAIL PROTECTED]> wrote: > > > > Thanks for the answer. I only have the services-config.xml where is > > the remoting-config.xml file? Is this server side, or client side? > > > > Thanks, > > Geoff > > > > --- In flexcoders@yahoogroups.com <flexcoders%40yahoogroups.com>, João > > Fernandes > > <joaopedromartinsfernandes@> wrote: > > > > > > by default you can only invoke remote functions, not public ones. To > > > allow public functions to be called from a flex front-end you need to > > > change de configuration of the ColdFusion destination. > > > Check the remoting-config.xml if you have the method-access- level > > > property set to remote. To allow both public and remote this value is > > > set to 'public and remote'. > > > -- > > > > > > João Fernandes > > > > > > http://www.onflexwithcf.org > > > http://www.riapt.org > > > > > > > > > >
