3 Replies Latest reply on Oct 30, 2011 7:57 AM by cosmits

    How to implement a secure authentication model to a Flex 4 / CF9 app?


      Hi all

      been searching without finding a lot of clarity on the matter

      I'm building a flex application that communicates through flash remoting with CF9 cfc methods


      I want to make sure my some cfc methods are accessible only by authenticated users

      how do I prevent from someone bypassing the flex interface and calling them directly?


      I'm looking for the simplest way to implement it

      I'd prefer not to use cookies


      is then an easy built-in mechanism / tutorial to implement?


      it sounds like it make sense to authenticate a user and have cf return an accsess token that would be kept on the server

      so does it mean that each flex call to cf should include this token?

      what about the cfc's? do I need to construct a central cfc to rout all calls and check the access token before routing & processing any DB query?


      I would REALLY appeciate a clean minimal solution

      thanks a million