Chad,
FluorineFx by default disables access to all classes that
are not public and marked with the [RemotingService]
attribute.
Zoli
Is there a way I can set up my web application to disallow all access to
services or objects, except for those I specify?
For example, I have a large API with many assemblies that will be on
the web site, and adding Fluorine to the mix seems to expose the possibility of
public access to my entire API.
I don't think I can use the Fluorine authorization or authentication scheme
for this task, since it would be too easy to spoof. Likewise, the web.config
classMappings and services elements don't seem like they'd do the job.
I'm new to Fluorine and my work is primarily on the .Net side of things, so
I'm hoping I'm just missing something obvious here. Fluorine works great, but I
can't use it if there's the slightest possibility my API could be hacked.
Chad
_______________________________________________
fluorine mailing list
fluorine@...
http://fluorine.thesilentgroup.com/mailman/listinfo/fluorine_fluorine.thesilentgroup.com
