I've searched all over and can't find this addressed anywhere.
I have a Flash Media Server script that writes data to an ASP.Net webservice when a user connects. It works great, but I want to lock down security if possible.
The best I could come up with was to add a token to the flashVars of the client flv, then pass it through FMS when making the web service call, but I would prefer another method if possible. Something using SOAP authentication, etc?
Here's the relevant portion of the FMS script
load("webservices/WebServices.asc");
application.onAppStart = function()
{
application.allowDebug = true;
webServiceObj = new WebService('http://webserviceURI.asmx?WSDL');
webServiceObj.onLoad = function(Wsdl){
trace("result string -- " + Wsdl);
}
webServiceObj.onFault = function(fault){
trace("web service fault --" + fault.faultstring);
}
}
application.onConnect = function(client, name, guid, role, sessID)
{
callWebMethod = webServiceObj.MyWebSErviceFunction(parameters...)
callWebMethod.onResult = function(returning){
trace("called back from WebService");
}
}