Flex邮件安全 [英] Flex Messaging Security
问题描述
我正在尝试为Flex应用程序创建一个模块,并且想要向客户端发送通知。我一直在寻找BlazeDS消息服务来将通知推送给客户端,但我希望能够向某些客户端发送某些更新。 Flex通知框架似乎不允许这样做 - 如果我们在消息中有一个字段,例如用户的用户ID,任何客户端理论上都可以订阅任何给定用户ID的所有消息,并且没有验证服务器端确保已订阅的客户端以该用户ID登录。
有没有我在这里错过的东西,或者是最好的方法在客户端处理这个我自己的轮询机制?
在API中的确有一个解决方案。第一步是编写一个扩展FlexClientOutboundQueueProcessor类的类。你需要重写一个方法:
public void add(List outboundQueue,Message message);
基本上所有你需要做的就是编写一些逻辑来确定你是否应该进行下面的调用: / p>
outboundQueue.add(message)
简而言之,如果不将消息添加到队列中,则消息不会被推送到客户端。在这个类中另一个重要的方法是:
$ b $ pre $ FlexClient getFlexClient()
您可以使用它来获取关联的FlexSession,并最终获得应用程序中可能存在的身份验证信息。
<一旦完成,你只需要注册处理器与适当的渠道。只需在channel-definition元素的properties元素中添加此元素即可:
< flex-client-outbound -queue-processor class =com.foo.YourProcessor/>
我相信你也可以为队列处理器指定一个嵌套的properties元素,但是我不相信这是必需的。
I'm trying to create a module for a flex application, and I want to send notifications to clients. I've been looking at the BlazeDS messaging service to push out the notifications to clients, but I want to be able to send certain updates to certain clients. The Flex notification framework doesn't seem to allow this - if we have a field in the message with a value of the user's user id for example, any client could theoretically subscribe to all messages for any given user id, and there's no verification on the server side to make sure that the client that has subscribed is logged in as that user id.
Is there something I've missed here, or is the best way to handle this writing my own polling mechanism on the client side?
There is indeed a solution for this in the APIs. The first step is to write a class which extends the FlexClientOutboundQueueProcessor class. You need to override one method:
public void add(List outboundQueue, Message message);
Basically all you need to do is write some logic to determine whether you should make the following call:
outboundQueue.add(message)
Simply put, if you don't add the message to the queue, then the message won't be pushed to the client. The other important method in this class is:
FlexClient getFlexClient()
Which you can use to get the associated FlexSession and ultimately the authentication information that presumably exists in your app.
Once this is done, you just need to register the processor with the appropriate channels. Simply add this element within the "properties" element of the "channel-definition" element:
<flex-client-outbound-queue-processor class="com.foo.YourProcessor"/>
I believe you can also specify a nested "properties" element for the queue processor but I don't believe it's required.
这篇关于Flex邮件安全的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
