I haven't used bit shetler, but from this response it looks like you
first have to present your email address and password to and httpS
service for identification. In exchange you get a cookie back, and
then you present the cookie with subsequent requests.
It's like when you go in a club, and the bouncer at the front door
checks your id...he would be the httpS service. Then you get your hand
stamped and you can come in and out for the rest of the night through
any door. The hand stamp would be the cookie.
I'm not sure if you need to set up a special services-config.xml...You
might want to just try sending your request to
httpS://pa.photoshelter.com
(or whatever url you were sending the request to)...that would be the
first thing to try.
you also need to set the protocol property of your httpService to
"https". That will probably do the trick.
You will probably then set up a second httpService for handling the
rest of the api calls, and you will pass a cookie into this...probably
just a string value. These requests would just go to the normal http
service.
Rob
<mx:HTTPService
concurrency="multiple|single|last"
contentType="application/x-www-form-urlencoded|application/xml"
fault="No default."
id="No default."
method="GET|POST"
protocol="http|https"
result="No default."
resultFormat="object|xml|flashvars|text"
serviceName="No default."
showBusyCursor="false|true"
url="No default."
useProxy="true|false"
xmlEncode="No default."
xmlDecode="No default."
/>
On Nov 28, 2008, at 8:20 AM, spinglittery wrote:
Thanks for the input Rob.
It is worse than I thought... Using
trace(XML(evt.result).toXMLString()); as you suggested, I
see I am not getting authorisation because the setRemoteCredentials
function isn't being
properly received... The xml returned is:
<BitShelterAPI version="1.1">
<identity>
<company>PhotoShelter, Inc.</company>
<application>PhotoShelter</application>
<url>http://pa.photoshelter.com</url>
</identity>
<response>
<error>
<class>FieldRequiredErr</class>
<message>You are missing the required field
<b>Password</b>.</message>
</error>
<error>
<class>FieldRequiredErr</class>
<message>You are missing the required field <b>Email</
b>.</message>
</error>
</response>
<usage>
<name>auth</name>
<desc>The authentication module returns an HTTP cookie that is
required by all the
other modules. This cookie is of a proprietary format and should be
sent as is. Modules
will return an updated HTTP cookie so that accurate idle time can be
tracked. Calls to the
authentication module must be made via an HTTPS connection.</desc>
<input>
<U_EMAIL>email address</U_EMAIL>
<U_PASSWORD>password</U_PASSWORD>
</input>
<output>
<cookie>session cookie</cookie>
<org>organization array</org>
<O_ID>organization ID</O_ID>
<O_NAME>organization name</O_NAME>
<OU_F_MEM>organization user member flag</OU_F_MEM>
</output>
</usage>
</BitShelterAPI>
I am somewhat concerned that perhaps I am not connecting via a
secure connection.(
"Calls to the authentication module must be made via an HTTPS
connection.") And wonder
whether I need to write a services-config.xml file in order to
establish https?