Thanks for your input. I have been sending to an https destination - but probably over insecure http, which may beone reason why it is being rejected. I had thought that the protocol property had been removed/deprecated - because I can't see it in the Flex 3 HTTPService class documentation...
>From Docs: The <mx:HTTPService> tag accepts the following tag attributes: <mx:HTTPService Properties concurrency="multiple|single|last" contentType="application/x-www-form-urlencoded|application/xml" destination="DefaultHTTP" id="No default." method="GET|POST|HEAD|OPTIONS|PUT|TRACE|DELETE" resultFormat="object|array|xml|e4x|flashvars|text" showBusyCursor="false|true" makeObjectsBindable="false|true" url="No default." useProxy="false|true" xmlEncode="No default." xmlDecode="No default." Events fault="No default." result="No default." /> Also when I compile with it included, I get an error: 'Cannot resolve attribute 'protocol' for component type mx.rpc.http.mxml.HTTPService.' Where did you get the version you sent that lists 'protocol' as a property? Is it Flex 2.01? ( I have a foreboding that I may have to use Blaze DS in order to access a secure HTTPS channel...) I do understand that I need to get a session cookie from bitshelter, just not how to obtain it. Any further tips/ thoughts are appreciated. Posted by: "Rob Kunkle" [EMAIL PROTECTED] rob_kunkle Sat Nov 29, 2008 12:44 am (PST) I haven't used bit shetler, but from this response it looks like you first have to present your email address and password to and httpS service for identification. In exchange you get a cookie back, and then you present the cookie with subsequent requests. It's like when you go in a club, and the bouncer at the front door checks your id...he would be the httpS service. Then you get your hand stamped and you can come in and out for the rest of the night through any door. The hand stamp would be the cookie. I'm not sure if you need to set up a special services-config.xml...You might want to just try sending your request to httpS://pa.photoshelter.com (or whatever url you were sending the request to)...that would be the first thing to try. you also need to set the protocol property of your httpService to "https". That will probably do the trick. You will probably then set up a second httpService for handling the rest of the api calls, and you will pass a cookie into this...probably just a string value. These requests would just go to the normal http service. Rob <mx:HTTPService concurrency="multiple|single|last" contentType="application/x-www-form-urlencoded|application/xml" fault="No default." id="No default." method="GET|POST" protocol="http|https" result="No default." resultFormat="object|xml|flashvars|text" serviceName="No default." showBusyCursor="false|true" url="No default." useProxy="true|false" xmlEncode="No default." xmlDecode="No default." /> On Nov 28, 2008, at 8:20 AM, spinglittery wrote: > Thanks for the input Rob. > It is worse than I thought... Using > trace(XML(evt.result).toXMLString()); as you suggested, I > see I am not getting authorisation because the setRemoteCredentials > function isn't being > properly received... The xml returned is: > > <BitShelterAPI version="1.1"> > <identity> > <company>PhotoShelter, Inc.</company> > <application>PhotoShelter</application> > <url>http://pa.photoshelter.com</url> > </identity> > <response> > <error> > <class>FieldRequiredErr</class> > <message>You are missing the required field > <b>Password</b>.</message> > </error> > <error> > <class>FieldRequiredErr</class> > <message>You are missing the required field <b>Email</ > b>.</message> > </error> > </response> > <usage> > <name>auth</name> > <desc>The authentication module returns an HTTP cookie that is > required by all the > other modules. This cookie is of a proprietary format and should be > sent as is. Modules > will return an updated HTTP cookie so that accurate idle time can be > tracked. Calls to the > authentication module must be made via an HTTPS connection.</desc> > <input> > <U_EMAIL>email address</U_EMAIL> > <U_PASSWORD>password</U_PASSWORD> > </input> > <output> > <cookie>session cookie</cookie> > <org>organization array</org> > <O_ID>organization ID</O_ID> > <O_NAME>organization name</O_NAME> > <OU_F_MEM>organization user member flag</OU_F_MEM> > </output> > </usage> > </BitShelterAPI> > > I am somewhat concerned that perhaps I am not connecting via a > secure connection.( > "Calls to the authentication module must be made via an HTTPS > connection.") And wonder > whether I need to write a services-config.xml file in order to > establish https? > > > Back to top
