Comments on: WebORB Security Flex .NET Server Side PartI

By: Ah Kong Wimax

Ah Kong Wimax — Sun, 14 Mar 2010 14:34:33 +0000

Keep up the fine effort!

By: admin

admin — Sat, 11 Apr 2009 17:42:22 +0000

If you don’t want to work with the acl’s you’ll need to implement your own authenticationhandler.
This link http://www.adobe.com/devnet/flex/articles/net_security_04.html is really everything you’ll need to know to get you started!

By: DustinB

DustinB — Thu, 09 Apr 2009 23:57:39 +0000

Hi, I too am searching for a clear explanation of how to authenticate through WebORB with credentials stored in a SQL database. I currently have everything working with the ACLs in weborb.config but am not sure how to go about creating and using my own authentication and authorization handlers. Can anyone point me in the right direction?

By: admin

admin — Thu, 18 Dec 2008 22:17:39 +0000

Hi there,

For the example the easiest thing was to work with the acl list, but I actually don’t work with that. I do work with passwords that are in the database. For that you need to wait for a blog post on that in the future or lookup the AuthenticationHandler, AuthorizationHandler and RolesProvider in Weborb.config. There are some articles on the internet, but I didn’t find them always very clear. I’ll try to post something on this in the next days.

By: JBrown

JBrown — Thu, 18 Dec 2008 21:23:38 +0000

Excellent! Excellent! Excellent. Clear and understandable. Thank you. I have been trying to understand this security model for a week now. How would things work if the passwords are stored in a database rather than the config file? Wouldn’t storing passwords in a file be a ‘bad’ practice? Does the RemoteObject.setCredentials work against a database? If so, how should