If you're using .NET Web Services there are most likely SOAPAction headers involved, which is one of the recently blocked header types. You don't need anything to do with sockets, you probably just need to add something like this to your crossdomain.xml file:
<allow-http-request-headers-from domain="[your domain]" headers="SOAPAction"/> HTH, Ben --- In [email protected], "byte.sensei" <[EMAIL PROTECTED]> wrote: > > OK, I've been reading all the web content on the security changes > that were implemented in 9.0.124.0. I'm more confused than ever. > The security updates seem to apply to XMLSockets, and I'm not using > these *unless* they are implicitly used by SOAP Web Services. Here > is an example of web service code that works fine in versions prior > to 9.0.124.0 but not since: > > var ws : WebService = new mx.rpc.soap.WebService(); > > ws.loadWSDL(model_locator.APPLICATION_WEB_SERVICE_URL); > ws.makeObjectsBindable = false; > ws.useProxy = false; > > ws.login.resultFormat = "e4x"; > ws.login.addEventListener(ResultEvent.RESULT, > login_result); > ws.login.addEventListener(FaultEvent.FAULT, > app_commander.web_service_fault); > ws.login.arguments.username = username.text; > ws.login.arguments.password = password.text; > ws.login(); > > > From what I'm reading, it sounds like I need a sockets policy file, > although I'm not sure because this is a SOAP web service call over > HTTP and as far as I can tell shouldn't be affected by the XML > Sockets security update. To implement a master socket policy file > seems like it requires me to configure the server with a special > xmlsockets server that listens/responds on port 843. Any examples of > implementing this on IIS/Windows Server? > > Am I missing something? Maybe I just need to update my > crossdomain.xml file? I tried adding the "to-ports" to that but it's > still not working. > > What do I need to do to get the soap web services working again? >
