Hi, I have a flex application that do a webservice call to a ssl-secure tomcat server. The login to the webservice is basic authorization that is sent via http header. The crossdomain.xml on the server looks like this: <cross-domain-policy> <site-control permitted-cross-domain-policies="all"/> <allow-access-from domain="*" secure="false"/> <allow-http-request-headers-from domain="*" headers="*" secure="false"/> </cross-domain-policy>
This crossdomain.xml file is located in the deployment catalog on the tomcat server. And now to the problem.. It all works great until you clear the "Authenticated sessions" in firefox. In the "access.log" for the server there is no indication that the flex application even tries to get the crossdomain or do a webservice call to the server. After a minute the application works as expected again. I have searched the Internet and think the problem might be that a jsessionid is created when doing a call to the server the first time, but when the "Authenticated sessions" is cleared the session is cleared and flash tries to use the old jsessionid. Is there a way to tell flex that it should start a new session when one fails? Any help on this would be greatly appreciated! /Mats
