subject:"RE\: \[flexcoders\] Re\: Flex SSL over AMF with ColdFusion services\-config.xml"

Re: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

2008-01-03 Thread Douglas Knudsen

Not the case in my experience.  If the swf is loaded over SSL and AMF is not
setup for SSL in CF land, AMF will go over non-SSL.

Peter, FWIW, I never got this supposed failover to work, maybe others have
by now dunno.  I manually setup AMFChannel  to use SSL in production
environments.  Note that you have to compile your swf against the proper
services-config to do this.  What I did was have a services-config for dev,
staging, and production environments and had my build scripts use the proper
one.  YMMV.


DK

On Jan 3, 2008 10:34 AM, nasawebguy [EMAIL PROTECTED] wrote:

   Thanks Peter. My assumption was that if I'm loading via https, the
 secure channel would be used. If not, the unsecure channel would be used.

 I can try the TraceTarget, but where is the flashlog located?

 Don


 --- In flexcoders@yahoogroups.com flexcoders%40yahoogroups.com, Peter
 Farland [EMAIL PROTECTED] wrote:
 
 
  If you're loading your SWF via HTTPS then you should be able to make
  secure connections from the Flash Player. As for the right channel being
  automatically selected, it depends on whether channel failover happens
  correctly. I didn't see a destination configuration below, but if the
  channels snippet represents the list of channels for your destination,
  then I believe it will try to connect using the SecureAMFChannel first
  and fall back to the AMFChannel on failing. While this might be useful
  in development, I wouldn't suggest it for deployment - especially if you
  really do have a requirement to connect to a secure endpoint.
 
  Can you add mx:TraceTarget / to your MXML, recompile, and then debug
  or look at flashlog.txt for more information about what might be going
  wrong in the channel connection phase?
 
 
 
 
 
 
 
 
  -Original Message-
  From: flexcoders@yahoogroups.com flexcoders%40yahoogroups.com [mailto:
 flexcoders@yahoogroups.com flexcoders%40yahoogroups.com] On
  Behalf Of nasawebguy
  Sent: Wednesday, January 02, 2008 8:45 PM
  To: flexcoders@yahoogroups.com flexcoders%40yahoogroups.com
  Subject: [flexcoders] Flex SSL over AMF with ColdFusion
  services-config.xml
 
  When I use smartsniff/Charles, my remoteObject content is not
  encrypted/https/port 443. IE/Firefox shows SSL to the user, eventhough
  the data is NOT actually encrypted over AMF!
 
  Below is my services-config.xml file and remoteObject code snips.
 
  I've been researching this all day with no clear solution. As I
  understand it so far, I should be able to use two channels in my
  ColdFusion destination and the correct channel would be used
  automatically. Not the case. I need https pages to use SSL and http
  pages to not.
 
  I tried splitting them up into two destinations, ColdFusion and
  ColdFusionSecure, in the same services-config, but I keep getting
  errors that ColdFusionSecure cannot be found, when it is used at the
  remoteObject destination.
 
  I'd appreciate any suggestions.
 
  Thanks,
  Don
 
  channels
  channel ref=my-secure-cfamf/
  channel ref=my-cfamf/
  /channels
 
 
  channel-definition id=my-cfamf
  class=mx.messaging.channels.AMFChannel
  endpoint
  uri=http://{server.name}:{server.port}/flex2gateway/;
  class=flex.messaging.endpoints.AMFEndpoint/
 
  properties
  polling-enabledfalse/polling-enabled
  serialization
  instantiate-typesfalse/instantiate-types
  /serialization
  /properties
  /channel-definition
 
  channel-definition id=my-secure-cfamf
  class=mx.messaging.channels.SecureAMFChannel
  endpoint
  uri=https://{server.name}:{server.port}/flex2gateway/;
  class=flex.messaging.endpoints.SecureAMFEndpoint/
 
  properties
 
  add-no-cache-headersfalse/add-no-cache-headers
  polling-enabledfalse/polling-enabled
  serialization
  instantiate-typesfalse/instantiate-types
  /serialization
  /properties
  /channel-definition
 
 
  mx:RemoteObject
  id=cfdata showBusyCursor=true
  destination=ColdFusion source=flex.secure.send
  mx:method name=sendUpdate
  result=sendUpdate_Result(event)
  fault=sendUpdate_Fault(event) /
  /mx:RemoteObject
 
 
 
  --
  Flexcoders Mailing List
  FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
  Search Archives:
  http://www.mail-archive.com/flexcoders%40yahoogroups.com
  Yahoo! Groups Links
 

  




-- 
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?

RE: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

2008-01-03 Thread Peter Farland

If your destination refers to both a secure and non secure channel in
that order, and the non secure channel is being used, and you're not
specifying an endpoint property on the mx:RemoteObject tag, that
sounds like failover is working? To confirm, you could use
mx:TraceTarget level=0 / as I described and then check the
flashlog.txt.
 
 



From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On
Behalf Of Douglas Knudsen
Sent: Thursday, January 03, 2008 11:14 AM
To: flexcoders@yahoogroups.com
Subject: Re: [flexcoders] Re: Flex SSL over AMF with ColdFusion
services-config.xml


Not the case in my experience.  If the swf is loaded over SSL and AMF is
not setup for SSL in CF land, AMF will go over non-SSL.  

Peter, FWIW, I never got this supposed failover to work, maybe others
have by now dunno.  I manually setup AMFChannel  to use SSL in
production environments.  Note that you have to compile your swf against
the proper services-config to do this.  What I did was have a
services-config for dev, staging, and production environments and had my
build scripts use the proper one.  YMMV. 


DK


On Jan 3, 2008 10:34 AM, nasawebguy [EMAIL PROTECTED] wrote:


Thanks Peter. My assumption was that if I'm loading via https,
the
secure channel would be used. If not, the unsecure channel would
be used. 

I can try the TraceTarget, but where is the flashlog located?

Don



--- In flexcoders@yahoogroups.com
mailto:flexcoders%40yahoogroups.com , Peter Farland [EMAIL PROTECTED]
wrote:

 
 If you're loading your SWF via HTTPS then you should be able
to make
 secure connections from the Flash Player. As for the right
channel being
 automatically selected, it depends on whether channel failover
happens
 correctly. I didn't see a destination configuration below, but
if the
 channels snippet represents the list of channels for your
destination,
 then I believe it will try to connect using the
SecureAMFChannel first
 and fall back to the AMFChannel on failing. While this might
be useful
 in development, I wouldn't suggest it for deployment -
especially if you
 really do have a requirement to connect to a secure endpoint.
 
 Can you add mx:TraceTarget / to your MXML, recompile, and
then debug
 or look at flashlog.txt for more information about what might
be going
 wrong in the channel connection phase?
 
 
 
 
 
 
 
 
 -Original Message-
 From: flexcoders@yahoogroups.com
mailto:flexcoders%40yahoogroups.com
[mailto:flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com
] On
 Behalf Of nasawebguy
 Sent: Wednesday, January 02, 2008 8:45 PM
 To: flexcoders@yahoogroups.com
mailto:flexcoders%40yahoogroups.com 
 Subject: [flexcoders] Flex SSL over AMF with ColdFusion
 services-config.xml
 
 When I use smartsniff/Charles, my remoteObject content is not
 encrypted/https/port 443. IE/Firefox shows SSL to the user,
eventhough
 the data is NOT actually encrypted over AMF!
 
 Below is my services-config.xml file and remoteObject code
snips.
 
 I've been researching this all day with no clear solution. As
I
 understand it so far, I should be able to use two channels in
my
 ColdFusion destination and the correct channel would be used
 automatically. Not the case. I need https pages to use SSL and
http
 pages to not.
 
 I tried splitting them up into two destinations, ColdFusion
and
 ColdFusionSecure, in the same services-config, but I keep
getting
 errors that ColdFusionSecure cannot be found, when it is used
at the
 remoteObject destination.
 
 I'd appreciate any suggestions.
 
 Thanks,
 Don
 
 channels
 channel ref=my-secure-cfamf/
 channel ref=my-cfamf/
 /channels
 
 
 channel-definition id=my-cfamf
 class=mx.messaging.channels.AMFChannel
 endpoint
 uri=http://{server.name}:{server.port}/flex2gateway/;
 class=flex.messaging.endpoints.AMFEndpoint/ 
 
 properties
 polling-enabledfalse/polling-enabled
 serialization
 instantiate-typesfalse/instantiate-types
 /serialization
 /properties
 /channel-definition
 
 channel-definition id=my-secure-cfamf
 class=mx.messaging.channels.SecureAMFChannel
 endpoint
 uri=https://{server.name}:{server.port}/flex2gateway/;
 class=flex.messaging.endpoints.SecureAMFEndpoint/ 
 
 properties
 
 add-no-cache-headersfalse/add-no-cache-headers
 polling

RE: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

2008-01-03 Thread Peter Farland

If you use Flex Builder in debug mode then the Console panel will show
trace output. However, if you're using a debug Flash Player plugin in a
browser (or the debug standalone Flash Player), then so long as you have
setup a mm.cfg file in your user directory, the flashlog.txt file will
appear in the predefined log location. For windows, mm.cfg would likely
need to be setup in 

C:\Documents and Settings\yourusername\mm.cfg

...and specify:

ErrorReportingEnable=1
TraceOutputFileEnable=1

Then trace output will appear in:

C:\Documents and Settings\yourusername\Application Data\Macromedia\Flash
Player\Logs\flashlog.txt

On windows I use tail.exe from cygwin to monitor the file.


-Original Message-
From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On
Behalf Of nasawebguy
Sent: Thursday, January 03, 2008 10:34 AM
To: flexcoders@yahoogroups.com
Subject: [flexcoders] Re: Flex SSL over AMF with ColdFusion
services-config.xml

Thanks Peter. My assumption was that if I'm loading via https, the
secure channel would be used. If not, the unsecure channel would be
used. 

I can try the TraceTarget, but where is the flashlog located?

Don

--- In flexcoders@yahoogroups.com, Peter Farland [EMAIL PROTECTED] wrote:

 
 If you're loading your SWF via HTTPS then you should be able to make 
 secure connections from the Flash Player. As for the right channel 
 being automatically selected, it depends on whether channel failover 
 happens correctly. I didn't see a destination configuration below, but

 if the channels snippet represents the list of channels for your 
 destination, then I believe it will try to connect using the 
 SecureAMFChannel first and fall back to the AMFChannel on failing. 
 While this might be useful in development, I wouldn't suggest it for 
 deployment - especially if you really do have a requirement to connect
to a secure endpoint.
 
 Can you add mx:TraceTarget / to your MXML, recompile, and then debug

 or look at flashlog.txt for more information about what might be going

 wrong in the channel connection phase?
 
 
 
 
 
 
  
 
 -Original Message-
 From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] 
 On Behalf Of nasawebguy
 Sent: Wednesday, January 02, 2008 8:45 PM
 To: flexcoders@yahoogroups.com
 Subject: [flexcoders] Flex SSL over AMF with ColdFusion 
 services-config.xml
 
 When I use smartsniff/Charles, my remoteObject content is not 
 encrypted/https/port 443. IE/Firefox shows SSL to the user, eventhough

 the data is NOT actually encrypted over AMF!
 
 Below is my services-config.xml file and remoteObject code snips.
 
 I've been researching this all day with no clear solution. As I 
 understand it so far, I should be able to use two channels in my 
 ColdFusion destination and the correct channel would be used 
 automatically. Not the case. I need https pages to use SSL and http 
 pages to not.
 
 I tried splitting them up into two destinations, ColdFusion and 
 ColdFusionSecure, in the same services-config, but I keep getting 
 errors that ColdFusionSecure cannot be found, when it is used at the 
 remoteObject destination.
   
 I'd appreciate any suggestions.
 
 Thanks,
 Don
 
 channels
 channel ref=my-secure-cfamf/
 channel ref=my-cfamf/
 /channels
 
 
 channel-definition id=my-cfamf
 class=mx.messaging.channels.AMFChannel
 endpoint
 uri=http://{server.name}:{server.port}/flex2gateway/;
 class=flex.messaging.endpoints.AMFEndpoint/
 
   properties
 polling-enabledfalse/polling-enabled
 serialization
 instantiate-typesfalse/instantiate-types
 /serialization
 /properties
 /channel-definition
 
 channel-definition id=my-secure-cfamf
 class=mx.messaging.channels.SecureAMFChannel
 endpoint
 uri=https://{server.name}:{server.port}/flex2gateway/;
 class=flex.messaging.endpoints.SecureAMFEndpoint/
 
   properties
   
 add-no-cache-headersfalse/add-no-cache-headers
 polling-enabledfalse/polling-enabled
 serialization
 instantiate-typesfalse/instantiate-types
 /serialization
 /properties
 /channel-definition
 
 
 mx:RemoteObject 
   id=cfdata showBusyCursor=true 
   destination=ColdFusion source=flex.secure.send
   mx:method name=sendUpdate 
   result=sendUpdate_Result(event)
   fault=sendUpdate_Fault(event) /
   /mx:RemoteObject
 
 
 
 --
 Flexcoders Mailing List
 FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
 Search Archives:
 http://www.mail-archive.com/flexcoders%40yahoogroups.com
 Yahoo! Groups Links





--
Flexcoders Mailing List
FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt
Search Archives:
http://www.mail-archive.com/flexcoders%40yahoogroups.com
Yahoo! Groups Links

RE: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

2008-01-03 Thread Peter Farland


In /WEB-INF/flex/remoting-config.xml, you can either set the default
channel to be just my-secure-cfamf, or explicity configure the channels
on the destination in question.

If you set the RO channelSet property it will use that ChannelSet to
connect rather than the configuration (in fact, you can stop specifying
-services command line configuration argument if you manually create
your own ChannelSets for RemoteObject based apps) - just make sure you
only assign one channel in the channelset and then use this simplified
scenario to debug what the problem is (rather than complicating it with
failover URLs etc).

One thing you may have to do is check if it's a problem only in MSIE. If
it is, you may be running into the known issue with HTTPS responses that
contain no-cache headers. You seem to have the correct
add-no-cache-headers property set to false in your secure
channel-definition, but that's not a guarantee that something else is
not adding this header, such as another filter upstream or even your
webserver. You should use a client side HTTP Sniffer such as Paros Proxy
with MSIE which will allow you to see your HTTPS responses decrypted to
check raw header information.

Also watch out for known issues with MSIE and chunked encoded + gzip
compressed responses over SSL as this will also fail.

Finally, if you find that it's an issue with Firefox only... there is
one obscure but known issue with this platform. If your SWF is hosted
somewhere other than the CF server, then a crossdomain.xml is probably
being requested first before your connection is made (due to sandbox
security requirements of the Flash Player in the browser). If this
request for crossdomain.xml is challenged for HTTP Basic credentials
over an SSL connection that contains a port then it may just fail
silently.

Re: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

RE: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

RE: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

RE: [flexcoders] Re: Flex SSL over AMF with ColdFusion services-config.xml

4 matches

Site Navigation

Mail list logo

Footer information