本文介绍了Flex中的安全性 - 是否可以操纵下载的代码并执行Web服务的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在设计Flex中的应用程序,连接到一些Web服务来执行一些财务事务。 Web服务使用https协议进行保护,并要求在每个请求上登录时创建用户令牌。这用于认证和授权用户。到现在为止还挺好。
诀窍在于并不是所有的Web服务都是粗粒度的。举个例子,我们可以有两个Web服务方法:EnoughFounds和Transfer。所以,只有方法EnoughFounds回复真后,我会执行转移。这个逻辑是在Flex应用程序代码中编写的。
我介绍的场景如下:如果有人下载应用程序并对其进行反编译。比修改代码,所以步骤EnougFunds不执行。或者,也许写一个全新的客户端,甚至可能在其他技术,将执行转移,而不通过EnoughFunds一步。执行Transfer时,用户将被授权并在服务器上进行身份验证;但是由于他正在使用他的真实凭据,他将能够执行转移。他跳过的检查属于业务逻辑而不是安全域。我需要以某种方式确保正在执行应用程序的代码是我编写和用户下载的未修改的Flex代码。我怎样才能做到这一点?
我知道我可以重写服务,以便序列在服务器上执行,但这意味着很大的努力,我正在寻找其他类型的解决方案。
在我看来,必须有一些安全机制来解决这个特定的问题。
请注意,我并不是在寻找最佳实践方面的建议。我的要求是不要改变服务器端的任何东西。如何在协议级别保护序列,而不改变服务? 解决方案
这是一个很大的错误。任何重要的业务规则都必须在服务中检查。无论客户做什么,服务都不会让任何事情发生。
特别是有一个EnoughFunds操作是有意义的,因为如果EnoughFunds返回false,则可以告诉用户他没有足够的资金。然而,转账操作必须检查是否有足够的资金,而不是取决于客户这样一个重要的检查。
I am designing the application in Flex that connects to some web services to perform some financial transactions. Web services are secured using https protocol and are asking for user token created at login on each request. This is used to authenticate and authorize the user. So far so good.
The trick part is that not all of our web services are coarsely grained. To give you an example, we can have two web service methods: EnoughFounds and Transfer. So, only after the method EnoughFounds replies "true" will I execute Transfer. This logic is programmed inside the Flex application code.
The scenario I am presented is the following: What if someone downloads the application and decompiles it. Than modifies the code so the step EnougFunds is not executed. Or maybe writes a completely new client maybe in even other technology that will execute Transfer without passing through EnoughFunds step. On executing Transfer, user will be authorized and authenticated on the server; but since he is using his real credentials, he will be able to execute the Transfer. The check that he skipped belongs to business logic and not security domain. I need somehow to make sure that the code that is executing the application is unmodified Flex code that I wrote and user downloaded. How can I do that?I know I can rewrite services so that the sequence is executed on the server, but that implies significant effort and I am looking for some other kind of solution.
It seems to me that there must be some security mechanisms that would resolve this particular problem.
Please note that I am not looking for advice on best practices. My requirement is not to change anything on the server-side. How can I secure the sequence on protocol level, without changing services?
解决方案
This is a big mistake. Any business rules important enough to matter must be checked in the service. It must be the case that, no matter what the client does, the service never lets anything bad happen.
In particular, it makes sense to have an EnoughFunds operation because if EnoughFunds returns false, you can tell the user that he doesn't have enough funds. However, the Transfer operation must check to see if there are enough funds, and not depend on the client for such an important check.
这篇关于Flex中的安全性 - 是否可以操纵下载的代码并执行Web服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!