www.astatech.com Manual Central ASTA Users Guide Security





Asta Technology Group
Welcome to the world of wireless enabled web services
advanced search
ASTA in 60 seconds
ASTA in action
Developer details
Free Internet tools
Demos
Business views
White papers
Tutorial center
Testimonials
Asta online help
ASTA Users Guide

Security

Key Client Server
Properties DTUserName, DTPassword DTAccess, DTUserName, DTPassword
Methods    
Events    

ASTA provides powerful design time features by allowing a developer to access currently running AstaServers. This access does not require a password, a convenience that allows you to have easy access to your design time data without having to type in usernames and passwords at every turn. But it also opens up a potential security hole. Other ASTA developers, if they knew the IP Address and the Port of your AstaServer, would be able to gain access to your database if they were so inclined. One simple step that you can take to help avoid this problem is to switch your AstaServers from the default Port of 9000 to a different number above 1024.

To close the door completely, ASTA provides server-side and client-side properties that allow you to control who accesses the servers at design time. The AstaClientSocket and the AstaServerSocket both have DTUserName and DTPassword properties. Those properties are controlled by the AstaServerSocket's DTAccess property. DTAccess is defaulted to True. For maximum security, you should set DTAccess to false and then assign matching UserName and Passwords to the AstaClientSocket and AstaServerSocket DTUserName and DTPassword properties. If you set DTAccess to False, you must provide DTUserName and DTPassword values. Null values will not be accepted and the client will be terminated.

 

Last modified: 5/5/2002 7:32:36 AM
Copyright © 2001-2002 Asta Technology Group, Inc. Terms & Conditions     Privacy Policy     Site Map