views:

55

answers:

1

I'm building a flex application and want to know the alternatives regarding security.

  1. don't want to use spring
  2. using graniteds
  3. limited access application server
A: 

In theory, since your Flex application is running on the client, a malicious user can do anything that the application can do.

Since your application is Flash, a user can decompile and deobfuscate your code and figure out which network protocol you're using -- it all depends on how much effort you've made to hide things and how determined the attacker is.

In short, verify each user action on the server side.

a paid nerd