views:

227

answers:

0

I've searched all over and can't find this addressed anywhere.

I have a Flash Media Server script that writes data to an ASP.Net webservice when a user connects. It works great, but I want to lock down security if possible.

The best I could come up with was to add a token to the flashVars of the client flv, then pass it through FMS when making the web service call, but I would prefer another method if possible. Something using SOAP authentication, etc?

Here's the relevant portion of the FMS script

load("webservices/WebServices.asc");

application.onAppStart = function()
{
 application.allowDebug = true;

 webServiceObj = new WebService('http://webserviceURI.asmx?WSDL');
 webServiceObj.onLoad = function(Wsdl){
  trace("result string -- " + Wsdl);
 }

 webServiceObj.onFault = function(fault){
  trace("web service fault --" + fault.faultstring);
 }
}

application.onConnect = function(client, name, guid, role, sessID)
{
 callWebMethod = webServiceObj.MyWebSErviceFunction(parameters...)


 callWebMethod.onResult = function(returning){
  trace("called back from WebService");
 }
}