If you want your Flex app to communicate
with a Java class you must use AMF unless you expose it as a SOAP service. I’m
not sure how you were intending on reaching it without AMF?
When you do use AMF you are restricted to classes
that are available to the web application in which Flex is running (or more
accurately your amf gateway). We have the whitelist in flex-config.xml which
gives you more control over which classes can be accessed.
Matt
From:
flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED]
Sent: Monday, April 25, 2005 11:08
AM
To: flexcoders@yahoogroups.com
Subject: [flexcoders] Questions
About Services Security
I want to use RemoteObject that invokes a Java
class. (not AMF,
HTTPService, or SOAP).
Question 1, are the Java classes restricted to the
same server as
Flex? (besides some funky network share i mean).
Question 2, Using RemoteObject to Java classes
(not AMF) do I gain the
security that only mxml's from the same domain (or
allowable domains
through domain.xml and flex-config.xml) can access
the Java class?
Thanks for any answers to these questions or any
other insights to
Security in regards to RemoteObject Java classes.
I do understand about HTTPS, I am more concerned
about easy access to
Remote calls.
Yahoo! Groups Links
To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/
To unsubscribe from this group, send an email to:[EMAIL PROTECTED]
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
