Comments on: Flex on Rails not a dream any more!!! http://blog.xsive.co.nz/archives/202 Weblog for X$!Ve.co.nz, Campbell Anderson Flex Developer Fri, 20 Jan 2012 00:23:22 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: انمي http://blog.xsive.co.nz/archives/202/comment-page-1#comment-134230 انمي Tue, 14 Aug 2007 18:46:57 +0000 http://blog.xsive.co.nz/archives/202#comment-134230 tanks tanks

]]> By: Alex MacCaw http://blog.xsive.co.nz/archives/202/comment-page-1#comment-80309 Alex MacCaw Sun, 04 Mar 2007 17:11:36 +0000 http://blog.xsive.co.nz/archives/202#comment-80309 Does the WebORB security mechanism limit what methods are called on the model? For example, my current setup uses REST. If users make a call to /folders they get a response containing all the folders they own. Now, with the weborb setup, wouldn't it be possible to do 'Folder.find(:all)' from flex and get all the folders! Surely there are massive security implications unless you can limit what methods are called on the server side (like weborb does currently)? Does the WebORB security mechanism limit what methods are called on the model? For example, my current setup uses REST. If users make a call to /folders they get a response containing all the folders they own. Now, with the weborb setup, wouldn’t it be possible to do ‘Folder.find(:all)’ from flex and get all the folders! Surely there are massive security implications unless you can limit what methods are called on the server side (like weborb does currently)?

]]> By: Mark Piller http://blog.xsive.co.nz/archives/202/comment-page-1#comment-79759 Mark Piller Fri, 02 Mar 2007 12:20:41 +0000 http://blog.xsive.co.nz/archives/202#comment-79759 Alex, the server side endpoints supporting the framework can be secured using WebORB security mechanism, which is very strong. Even if someone hacks together a Flex application, you still need to authenticate yourself to break-in. Alex, the server side endpoints supporting the framework can be secured using WebORB security mechanism, which is very strong. Even if someone hacks together a Flex application, you still need to authenticate yourself to break-in.

]]> By: Alex MacCaw http://blog.xsive.co.nz/archives/202/comment-page-1#comment-79757 Alex MacCaw Fri, 02 Mar 2007 12:07:04 +0000 http://blog.xsive.co.nz/archives/202#comment-79757 Has anyone thought of the security implications involved? Even if you authenticate users, someone could just make a flex application that accesses server side data that it shouldn't... Active Resource for flex (REST) is an alternative , for example: var delegate:Post = new Post( this ); var o:Object = new Object() o.name = “foo” delegate.save(o) Has anyone thought of the security implications involved? Even if you authenticate users, someone could just make a flex application that accesses server side data that it shouldn’t…
Active Resource for flex (REST) is an alternative , for example:
var delegate:Post = new Post( this );
var o:Object = new Object()
o.name = “foo”
delegate.save(o)

]]>