Yes, useful indeed. Thanks for posting it. It would have taken me a long
time to figure out why my firefox uploads failed ;-) (the upload was
fine, just no session cookie)...
--- In [EMAIL PROTECTED], pgp.coppens [EMAIL PROTECTED]
wrote:
Oh well, that turned out to be pretty messy
First I got worried as the doc states
The FileReference and FileReferenceList classes also do not provide
methods for authentication. With servers that require authentication,
you can download files with the Flash® Player browser plug-in, but
uploading (on all players) and downloading (on the stand-alone or
external player) fails.
On this and other sites I did however find users that got it working.
The trick (with Tomcat) is to just add the servlet's jsessionid
stored
in the cookie also on the FileReference's url. One has a few choices
to
get the sessionid into flex. In my case that was easy, because I am
sending xml back and forth anyway I just added the sessionid to the
reply the servlet sends when the login succeeds. The servlet request
has
a getter to get hold of it (getRequestedSessionId)
Whenever one wants to upload something, append the sessionid to the
request url. Something like
urlRequest=new URLRequest(_servletUrl + servicePath +
;jsessionid= + _sessionId );
Note the semicolon - this is not a url parameter.
That first did not work in my case because Flex kept on sending some
session cookie with the upload request and the server therefore
ignored
the jsessionid on the url. Weirdly that cookie was not stored in the
browser and no matter how hard I tried to clean up the browser's
caches, it kept being there. Obviously (but not for me at 2am) it is
the
flash/flex runtime that has its own session/cookie cache. Quitting the
browser (and the flex runtime) is what finally got it going.
All in all this is an ugly situation. It would help to document this
in
the flex doc (assuming this is a supported approach) and browser
consistency would have helped as wella first blow to my hopes of
escaping cross browser problems by switching to flex/flash.
Anyway, perhaps a next reader finds this useful.
Peter
--- In [EMAIL PROTECTED], pgp.coppens pc.subscriptions@
wrote:
Flex fans,
I am struggling with the following scenario
1. Use an HTTPService POST to authenticate to a servlet backend
(works
fine)
2. Use HTTPService requests to the same server and rely on previous
authentication (works fine)
3. FileReference.upload with IE also picks up the same session
cookie
and thus uses the authenticated (and authorized) session. With
Firefox
or Opera however, a FileReference.upload request does not seem to
pick
up the same JSESSIONID cookie and therefore fails as it is not
authenticated/authorized.
Does anyone know how to deal with this? How should one normally use
a
FileReference.upload to a servlet server that requires
authentication?
Any help or guidance warmly welcomed!
Peter