Communication and Security with the Flash Communication Server - Firewalls and Security

Some corporate firewalls and proxy servers with restrictive access rules make it impossible to establish a persistent TCP/RTMP connection to a FlashCom Server. Some corporate IT staffs may open access to remote FlashCom Servers, but others will not. When corporate web access is permitted but TCP/RTMP connections are not allowed, FlashCom provides a tunneling feature that allows Flash and FlashCom to send and receive RTMP over HTTP. When tunneling is employed, the Flash Player works with the user’s browser to poll the communication server instead of establishing a direct Player-to-server TCP connection. When RTMP is tunneled, it is known as RTMPT. As of this writing, neither the Flash Player nor FlashCom directly supports SSL. However, encryption is an option when using tunneling, because browsers support SSL and an SSL proxy can be used with the server. For more information, see the article Tunneling Flash Communications Through Firewalls and Proxy Servers at:

 http://www.macromedia.com/devnet/mx/flashcom/articles/ firewalls_proxy.html

Getting Started

A free development edition of the Flash Communication Server is available from Macromedia. You can find more information on downloading it along with other licensing options at Macromedia’s web site:

  http://www.macromedia.com/software/flashcom

To install FlashCom:

1. Follow the link from the preceding URL to download the free developer edition or go directly to: 
   
    http://www.macromedia.com/cfusion/tdrc/index.cfm?product=flashcom
   
2. Once you install FlashCom, you should download the most recent updater from http://www.macromedia.com/support/flashcom/ downloads_updaters.html and install it. (Updaters are not normally added to the installation files of the most recent release, so if an updater is available for the most recent release, you should download and install it.)
   
3. Finally, download the most recent Flash communication components and run the installation program to install them in the Flash authoring environment. Separate Windows or Macintosh component updates are also available at:
   
     http://www.macromedia.com/support/flashcom/ downloads_updaters.html

FlashCom runs on Windows Server 2003, Windows Server 2000, Windows NT Server SP6 or later, and RedHat Linux. The complete system requirements and supported servers are listed at:

  http://www.macromedia.com/software/flashcom/ productinfo/systemreqs

Detailed documentation about the server including installation instructions is available from Macromedia at:

  http://www.macromedia.com/support/flashcom/ documentation.html

See the Installing Flash Communication Server and Managing Flash Communication Server documents at the preceding URL. However, for a simple test and development server, you can simply run the installer, supply an initial administrative username and password, and then run the samples to make sure the server is working. You do not need to provide a serial number. On Windows, the installer is named FlashComInstaller.exe and you can simply run it. Under Linux, you must unzip and then untar the installation file, cd, to the installation_directory and type:

  ./installFCS

The default installation includes applications that can be used by anyone who can connect to your computer. It is a good idea to protect a test development server behind some type of firewall. See Chapters 10 and 18 for important information about securing your FlashCom Server installation.

By default, the FlashCom Server listens for TCP connections on port 1935. Ideally, you should allow access to that port only from other machines under your control. If the machine is not behind a firewall, you should at least make sure the server accepts connection requests only from .swf files originating in your own domain. See Macromedia’s Managing Flash Communication Server document for more details or see:

 http://www.macromedia.com/devnet/mx/flashcom/articles/ firewalls_proxy06.html

Finally, make sure you can run some of Macromedia’s sample applications. On my Windows machine, the default installation places the sample files in:

  C:\Program Files\Macromedia\Flash Communication Server MX\samples

You can test that the server is working by going into the tutorial_sharedball subdirectory and starting up two copies of the tutorial_sharedball.swf file. You should be able to drag the ball around in one window and watch it move in the other movie. If it doesn’t work, you may have to manually start the server. On Windows, select Start -> Programs -> Macromedia -> Flash Communication Server -> Start Server. Detailed instructions for both Windows and Linux systems are available in Macromedia’s Installing Flash Communication Server.

Macromedia provides different editions and licensing schemes for the FlashCom Server. The developer edition is not licensed for production. The FlashCom Server includes a license manager that controls the number of simultaneous clients that are allowed to connect at one time and the total bandwidth the server is permitted to consume. There are also restrictions on the server editions than can be used to create virtual hosts. A complete description of product editions and licensing can be found here:

  http://www.macromedia.com/software/flashcom/ productinfo/editions

Chris Hock has also written a valuable white paper, Calculating your Bandwidth and Software License Needs for the Macromedia Flash Communication Server MX. You can find it here:

  http://www.macromedia.com/software/flashcom/ productinfo/editions/fcs_whitepaper_bandwidth.pdf

For the purposes of the rest of the book, I assume you are developing on a test system using a default installation and not on a specially configured production system. You should read Macromedia’s Managing Flash Communication Server document for details on configuring production systems.

To get the most out of the book, you should also have a microphone and web cam. For some exercises, you’ll need ColdFusion Server.

Admin Service, Administration Console, and App Inspector

The FlashCom installer also includes a secondary application known variously as the Admin Service or Administration Controller. On Windows, the Admin Service is installed as FlashComAdmin.exe, and on Linux as the fcadmin file. By default, the Admin Service is started whenever FlashCom is started and provides both administrative services and application monitoring, control, and debugging services. You can connect directly to the Admin Service using one of two Flash movies provided with FlashCom. In the FlashCom 1.5.2 release, you’ll find them in the flashcom_help\ html\admin subdirectory of the installation directory. The Administration Console (admin.swf) movie can be used to update license information, start and stop application instances, and review server diagnostic information. The Communication Application Inspector (app_inspector.swf) can be used to start and stop application instances, monitor application instance resources, and display trace( ) statement output. To use either movie, start the movie and log in to the Admin Service using the administrator username and password that you defined when you installed the server. Macromedia provides information on using the Administration Console and Communication App Inspector in Managing Flash Communication Server and Developing Communication Applications, both available from:

  http://www.macromedia.com/support/flashcom/ documentation.html

The Communication Application Inspector is particularly useful while developing and debugging applications as covered in Chapter 4 under “Using the App Inspector to Run Scripts.” You can also create your own Flash movies and communication applications that connect to the Admin Service. Chapter 10 describes the services that are available via the Admin Service and how to use the Server Management API.

Please check back next week for the conclusion of this article.

Comments On: Communication and Security with the Flash Communication Server

· This article is an excerpt from the book "Programming Flash Communication Server,"...   >>> Post your comment now!

Buy this book...

This article is excerpted from chapter one of the book Programming Flash Communication Server, written by Brian Lesser, Giacomo Guilizzoni, Robert Reinhardt, Joey Lott, and Justin Watkins (O'Reilly, 2005; ISBN: 0596005040). Check it out today at your favorite bookstore. Buy this book now.