MACROMEDIA FLASH COMMUNICATION SERVER MX-SERVER-SIDE COMMUNICATION ACTIONSCRIPT DICTIONARY Manual de usuario descargar pdf (Pagina 54)

Chapter 454

To have the server perform authentication of connecting users other than administrators, use the

<Allow> and <Deny> tags in the Adaptor.xml and Vhost.xml files. With these tags you can

prevent users from connecting from all domains other than those you specify. The server checks

incoming connections against the Adaptor.xml file and then the Vhost.xml file when processing

non-administrator connection requests.

To provide administrato r authorization (assigning permissions), the server uses the Server.xml file.

When you define a user as a server or virtual host administrator in this file, the server associates

certain permissions with that user. Virtual host administrators can manage only a virtual host—

for example, they can reload or disconnect applications on that virtual host. Server administrators

can exercise control over all virtual hosts and perform server-level tasks, such as restarting or

shutting down the server.

By default, only the Administration Console performs user authorization. When developing your

own communication applications, you can decide whether to implement user authorization;

some kinds of applications need this capability while others do not. For example, when

developing a simple chat application, you might choose to create two different versions of your

Macromedia Flash MX client movie. One version might be a chat participant version; another

might be a chat moderator version, with additional functionality built in, such as the ability to

edit users’ posts or disconnect users. Using server-side ActionScript, you can define which users

are able to connect with the moderator version of the movie.

As an additional security feature, the Administration Console actually connects to the Flash

Communication Server Admin service, which then communicates with the server service to

perform administration tasks.

Choosing passwords

When choosing passwords, remember to make them as secure as possible. The following

guidelines can help you create more secure passwords:

• The minimum length of a password should be 7 characters.

• Passwords should not contain your user name or any part of it (for example: Jane, Doe, Jdoe).

• Passwords should contain three of the following four items: at least one uppercase letter (A-Z),

at least one lowercase letter (a-z), at least one numeric character (0-9), and at least one non-

alphanumeric character shown here:

! _ * # $ % & ; + -

• Passwords should be changed regularly and none of the last five passwords should be reused.

Developing secure applications

If you develop Flash Communication Server applications, you can use strategies to ensure the

security of your applications and the data they use.

Confirm the location of the client SWF. When you deploy a Flash Communication Server

application, use a server-side script to verify that connecting SWF files are coming from the

location you expect (and not from an unknown computer). You can do this by checking the

client.referrer property of the client object before the server accepts the connection.

For more information about writing server-side scripts, see Developing Communication

Applications.

1 2 ... 49 50 51 52 53 54 55 56 57 58 59 60

Sin comentarios

MACROMEDIA FLASH COMMUNICATION SERVER MX-SERVER-SIDE COMMUNICATION ACTIONSCRIPT DICTIONARY Manual de usuario Pagina 54