On Wednesday, Jun 18, 2003, at 12:48 US/Pacific, Igor Ilyinsky wrote:
> The issue is clearly one of U3. That is the only change I made this
> morning, and now the thing Don't work!
Yup, Updater 3 disables the web service proxy feature in Flash Remoting
by default since it can be used for a DoS attack.
> Unfortunately, this is one of those issues that only someone who has
> this working with U3 can help with, or (as that scenario may not
> actually exist) someone from Macromedia with an in depth knowledge of
> the FlashRemoting servlet.
I have it working so I can explain how to re-enable it. But it is a
security hazard so beware:
A standalone SWF can connect to ACME's Flash Remoting gateway and used
it to repeatedly call Web Services either elsewhere (out on the
internet or within ACME's network).
If you re-enable the web service proxy you should ensure that port 80
traffic outbound from your application server is firewall-restricted
and that any internal web services accessible from your app server are
secured (e.g., via username/password). Note: restricting port 80
outbound traffic implies that your web server and your app server must
be separate (since a web server must be able to send outbound port 80
traffic!).
In WEB-INF/web.xml, look for the Flash gateway servlet definition and
modify it as shown:
<servlet id="macromedia_servlet_11">
<servlet-name>FlashGateway</servlet-name>
<display-name>Flash Gateway</display-name>
<description>Allows flash to connect to CFML and CFC
templates.</description>
<servlet-class>coldfusion.bootstrap.BootstrapServlet</servlet-class>
**** add these lines following: ****
<init-param>
<param-name>DISABLE_CFWS_ADAPTERS</param-name>
<param-value>true</param-value>
<description>When set to true, this setting disables the
ColdFusion Web
Services Adapters in the gateway.</description>
</init-param>
*** end of added lines above ****
<init-param id="InitParam_103401311064890">
<param-name>servlet.class</param-name>
<param-value>flashgateway.controller.GatewayServlet</param-value>
</init-param>
Add the <init-param> .. </init-param> piece - not the lines with ****
on them! Restart CFMX and the web services gateway should now work.
If you find it still isn't working, check to see if there's a
flashgateway deployment left in the SERVER-INF directory - if there is,
stop CFMX, remove the flashgateway deployment files completely from
SERVER-INF and start CFMX back up.
HTH,
Sean A Corfield -- http://www.corfield.org/blog/
"If you're not annoying somebody, you're not really alive."
-- Margaret Atwood
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Get the mailserver that powers this list at
http://www.coolfusion.com
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
