Security

In this section, we address the various security aspects of using Flash Remoting with Java. Application security is a broad topic in Java and encompasses many aspects of Java application development. There are user authentication and authorization systems for managing individual user access to protected application features. There are the Container-Managed Security features of a J2EE application server that manage method-level access to EJBs and user authentication security constraints in the servlet container. There are also the core Java security features that manage system resource, class, and method access within the JVM (Java Virtual Machine). There are the security features provided by specific technologies, such as web services. Finally, there is the fuzzy task of trying to guess how malicious users might try to attack the system and plugging the holes before they are exploited.

User Authentication and Authorization

Authentication is the process of identifying a user or entity accessing a system. This is usually implemented with a login process that requires a user to provide a username and password. Authorization is the process of determining the privileges of an authenticated user. Authorization may be implemented with custom application logic or using configuration in a J2EE application server to restrict access to resources based on the user’s role.

Container-Managed Security

When used with JRun, Flash Remoting clients can provide user credentials using NetConnection.setCredentials( ...
