Yes, useful indeed. Thanks for posting it. It would have taken me a long time to figure out why my firefox uploads failed ;-) (the upload was fine, just no session cookie)...
--- In [EMAIL PROTECTED], "pgp.coppens" <[EMAIL PROTECTED]> wrote: > > Oh well, that turned out to be pretty messy > > First I got worried as the doc states > > The FileReference and FileReferenceList classes also do not provide > methods for authentication. With servers that require authentication, > you can download files with the Flash® Player browser plug-in, but > uploading (on all players) and downloading (on the stand-alone or > external player) fails. > On this and other sites I did however find users that got it working. > The trick (with Tomcat) is to "just" add the servlet's jsessionid stored > in the cookie also on the FileReference's url. One has a few choices to > get the sessionid into flex. In my case that was easy, because I am > sending xml back and forth anyway I just added the sessionid to the > reply the servlet sends when the login succeeds. The servlet request has > a getter to get hold of it (getRequestedSessionId) > > Whenever one wants to upload something, append the sessionid to the > request url. Something like > > urlRequest=new URLRequest(_servletUrl + servicePath + > ";jsessionid=" + _sessionId ); > > Note the semicolon - this is not a url parameter. > > That first did not work in my case because Flex kept on sending some > session cookie with the upload request and the server therefore ignored > the jsessionid on the url. Weirdly that cookie was not stored in the > browser and no matter how hard I tried to clean up the browser's > caches, it kept being there. Obviously (but not for me at 2am) it is the > flash/flex runtime that has its own session/cookie cache. Quitting the > browser (and the flex runtime) is what finally got it going. > > All in all this is an ugly situation. It would help to document this in > the flex doc (assuming this is a "supported" approach) and browser > consistency would have helped as well....a first blow to my hopes of > escaping cross browser problems by switching to flex/flash. > > Anyway, perhaps a next reader finds this useful. > > Peter > > > > > --- In [EMAIL PROTECTED], "pgp.coppens" pc.subscriptions@ > wrote: > > > > Flex fans, > > > > I am struggling with the following scenario > > > > 1. Use an HTTPService POST to authenticate to a servlet backend (works > > fine) > > 2. Use HTTPService requests to the same server and rely on previous > > authentication (works fine) > > 3. FileReference.upload with IE also picks up the same session cookie > > and thus uses the authenticated (and authorized) session. With Firefox > > or Opera however, a FileReference.upload request does not seem to pick > > up the same JSESSIONID cookie and therefore fails as it is not > > authenticated/authorized. > > > > Does anyone know how to deal with this? How should one normally use a > > FileReference.upload to a servlet server that requires authentication? > > > > Any help or guidance warmly welcomed! > > > > Peter > > >