https web accelerator to http issues

Level 1

I have an architecture which has a web accelerator in the network. It accepts https requests coming in and then converts them to http requests and passes them to the server. I cannot get my services to communicate from browser to server. Is it possible to use an https uri/url with an unsecured amf endpoint? I have tried multiple combinations and cannot get it to work.

        <!--  An AMF channel that uses HTTPS for secure communication can use
              the {server.port} token as a SWF must be loaded via a secure URL
              in order to make secure connections.
        -->
        <channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
            <endpoint uri="https://{server.name}:{server.port}/vOpenConnect/messagebroker/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
            <properties>
                <!--HTTPS requests on some browsers do not work when pragma "no-cache" are set-->
               
                <!-- Optional. Use this to limit the client channel's connect attempt
                     to the specified time interval.
                <connect-timeout-seconds>5</connect-timeout-seconds>
                -->
            </properties>
        </channel-definition>

Help!

3 Replies

Level 2

Check out this link, which explains how to do this:

http://blogs.adobe.com/lin/archives/flex/security/index.html

To define new channels for your Flex app you have to recompile it; the configuration change is not enough. From reading this blog post it seems that changing the destination for the channel can be done just by configuring it.

Hope this helps.

Here is the relevant info from the blog link above, to protect against the entry getting moved:

How to access flex app over https but connect to backend using http

Many applications need to be accessed over a secure connection, but only need to connect to the backend using a non-secure connection, or vice versa. How do we accomplish that?

Secure connections can talk to secure and non-secure endpoints. Non-secure connections can only talk to non-secure endpoints. So you will need to configure your channel differently.

1. If the app is requested over https and then uses http to connect to the backend:

        <channel-definition id="my-amf-secure" class="mx.messaging.channels.SecureAMFChannel">
            <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/" class="flex.messaging.endpoints.AMFEndpoint"/>
            <properties>
                <add-no-cache-headers>false</add-no-cache-headers>
            </properties>
        </channel-definition>

2. If the flex app is requested over http and then uses https to connect to the backend:

        <channel-definition id="my-amf" class="mx.messaging.channels.SecureAMFChannel">
            <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
            <properties>
                <add-no-cache-headers>false</add-no-cache-headers>
            </properties>
        </channel-definition>

3. For LCDS 2.5 and 2.5.1, the configuration would be enough.
For FDS 201, you need to apply the hotfix build 168076 as well.  You can get the build 168076 from flex Tech support.

Level 1

Thanks for your answer. I made the changes but I still get an error. This is the response I'm getting back when I intercept it using 'Charles':

Apache Tomcat/5.5.17 - Error report

HTTP Status 500 -

type: Exception report
message:
description: The server encountered an internal error () that prevented it from fulfilling this request.

exception:
javax.servlet.ServletException: Servlet.init() for servlet MessageBrokerServlet threw exception
    org.objectweb.jonas.web.catalina55.ResetAuthenticationValve.invoke(ResetAuthenticationValve.java:91)
    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    java.lang.Thread.run(Thread.java:619)

root cause:
flex.messaging.config.ConfigurationException: Invalid channel endpoint class 'flex.messaging.endpoints.AMFEndpoint' specified for 'my-old-amf'.
    flex.messaging.config.MessagingConfiguration.createEndpoints(MessagingConfiguration.java:141)
    flex.messaging.config.MessagingConfiguration.configureBroker(MessagingConfiguration.java:82)
    flex.messaging.MessageBrokerServlet.init(MessageBrokerServlet.java:105)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:114)
    org.objectweb.jonas.web.catalina55.ResetAuthenticationValve.invoke(ResetAuthenticationValve.java:91)
    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    java.lang.Thread.run(Thread.java:619)

root cause:
flex.messaging.config.ConfigurationException: Invalid channel endpoint URI, https://{server.name}:{server.port}/myapp/messagebroker/amf, must begin with http.
    flex.messaging.endpoints.AMFEndpoint.validateEndpointProtocol(AMFEndpoint.java:110)
    flex.messaging.endpoints.AMFEndpoint.properties(AMFEndpoint.java:96)
    flex.messaging.endpoints.AbstractEndpoint.<init>(AbstractEndpoint.java:96)
    flex.messaging.endpoints.AMFEndpoint.<init>(AMFEndpoint.java:68)
    flex.messaging.endpoints.AMFEndpoint.<init>(AMFEndpoint.java:63)
    sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    java.lang.reflect.Constructor.newInstance(Constructor.java:513)
    flex.messaging.config.MessagingConfiguration.createEndpoints(MessagingConfiguration.java:128)
    flex.messaging.config.MessagingConfiguration.configureBroker(MessagingConfiguration.java:82)
    flex.messaging.MessageBrokerServlet.init(MessageBrokerServlet.java:105)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:114)
    org.objectweb.jonas.web.catalina55.ResetAuthenticationValve.invoke(ResetAuthenticationValve.java:91)
    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    java.lang.Thread.run(Thread.java:619)

note: The full stack trace of the root cause is available in the Apache Tomcat/5.5.17 logs.

Apache Tomcat/5.5.17

Any help would be much appreciated.

Level 2

Hi,

Sorry, it took me a while to respond. It looks like the config for 'my-old-amf' is the problem. It says that the end point uri should be http and not https. I know the sample from the link in my first post shows https but I believe this was a typo. Please try http for the uri end point and tell me if it worked.

If you are still having a problem, could you attach your channel definitions? Also, make sure your default channel is set properly.

Good luck!

John
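
The rule the stack trace reports (an `AMFEndpoint` URI must begin with http) can be checked against the channel definitions before deployment. The script below is an added example, not part of the thread or of Flex/LCDS; it assumes the mirror-image rule for `SecureAMFEndpoint`, and the channel ids and `/myapp` URIs in `SAMPLE` are constructed.

```python
import xml.etree.ElementTree as ET

# Endpoint class -> URI scheme its startup validation accepts. The AMFEndpoint
# rule is the one in the stack trace above; the SecureAMFEndpoint rule is an
# assumption (the mirror-image check).
REQUIRED_SCHEME = {
    "flex.messaging.endpoints.AMFEndpoint": "http",
    "flex.messaging.endpoints.SecureAMFEndpoint": "https",
}

# Constructed sample: 'my-old-amf' repeats the failing pairing from the thread;
# 'my-old-amf-http' is the same definition with an http URI.
SAMPLE = """<channels>
  <channel-definition id="my-old-amf" class="mx.messaging.channels.SecureAMFChannel">
    <endpoint uri="https://{server.name}:{server.port}/myapp/messagebroker/amf"
              class="flex.messaging.endpoints.AMFEndpoint "/>
  </channel-definition>
  <channel-definition id="my-old-amf-http" class="mx.messaging.channels.SecureAMFChannel">
    <endpoint uri="http://{server.name}:{server.port}/myapp/messagebroker/amf"
              class="flex.messaging.endpoints.AMFEndpoint"/>
  </channel-definition>
</channels>"""


def check_channels(xml_text):
    """Return (channel id, problem) pairs for each mismatched endpoint."""
    problems = []
    for channel in ET.fromstring(xml_text).iter("channel-definition"):
        cid = channel.get("id", "?")
        endpoint = channel.find("endpoint")
        if endpoint is None:
            problems.append((cid, "no <endpoint> element"))
            continue
        # Tolerate stray whitespace in attribute values.
        cls = (endpoint.get("class") or "").strip()
        uri = (endpoint.get("uri") or "").strip()
        scheme = uri.split("://", 1)[0].lower() if "://" in uri else ""
        required = REQUIRED_SCHEME.get(cls)
        if required is None:
            problems.append((cid, "unknown endpoint class %r" % cls))
        elif scheme != required:
            problems.append((cid, "%s needs a URI beginning with %s://, got %r"
                             % (cls.rsplit(".", 1)[1], required, uri)))
    return problems


if __name__ == "__main__":
    for cid, problem in check_channels(SAMPLE):
        print("%s: %s" % (cid, problem))
```

When the accelerator terminates TLS, an http endpoint means the accelerator-to-server hop carries AMF traffic unencrypted, so that segment has to be a network you trust.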