2 Replies Latest reply on Mar 6, 2008 7:10 PM by Bryan Dresselhaus

    Flex Remoting, SSL, Coldfusion 8

    RicRoot
      Posted this to another list but haven't solved this problem yet... it really bugs me that this is so poorly documented.

      I have some Flex apps running that were running with a Coldfusion 7 backend using SSL. To do this, I merely modified the services-config.xml to use https instead of http, and changed the channel classes to the secure versions of those classes. All was well.

      Now that I've upgraded to Coldfusion 8, all my flex apps are sending their gateway requests over https. This is normal, of course, because I hadn't changed the config files yet.

      So I looked at the config files and I see there is now a services-config.xml and a remoting-config.xml. The services-config.xml contains channel definitions for both ssl and non-SSL (this is new)... the destinations are defined in remoting-config.xml.

      So I added a new destination called ColdFusionSSL - looks like this:

      <destination id="ColdFusionSSL">
      <channels>
      <channel ref="my-cfamf-secure"/>
      </channels>
      <properties>
      <source>*</source>
      <!-- define the resolution rules and access level of the cfc being invoked -->
      <access>
      <!-- Use the ColdFusion mappings to find CFCs, by default only CFC files under your webroot can be found. -->
      <use-mappings>false</use-mappings>
      <!-- allow "public and remote" or just "remote" methods to be invoked -->
      <method-access-level>remote</method-access-level>
      </access>

      <property-case>
      <!-- cfc property names -->
      <force-cfc-lowercase>false</force-cfc-lowercase>
      <!-- Query column names -->
      <force-query-lowercase>false</force-query-lowercase>
      <!-- struct keys -->
      <force-struct-lowercase>false</force-struct-lowercase>
      </property-case>
      </properties>
      </destination>

      It's just a copy of the ColdFusion destination, except it refers to the secure channel. The secure channel is defined in the services-config.xml and was not changed. This is the default from CF8...

      <channel-definition id="my-cfamf-secure" class="mx.messaging.channels.SecureAMFChannel">
      <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/cfamfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
      <properties>
      <polling-enabled>false</polling-enabled>
      <serialization>
      <instantiate-types>false</instantiate-types>
      </serialization>
      </properties>
      </channel-definition>

      I changed the destination of my <mx:RemoteObject> tags to refer to this new destination, compiled, and ran.

      No luck. I get the following error message:

      Channel.Connect.Failed error NetConnection.Call.Failed: HTTP: Failed:
      url: 'https://advanceweb.ads.duke.edu/flex2gateway/cfamfsecure'

      I set the logging level to "Debug" and the following log entries appeared:

      [Flex] FlexSession created with id 'a430990913ea13bb4ad595c1936a7a554258TR' for an Http-based client connection.
      [Flex] Channel endpoint my-cfamf-secure received request.
      [Flex] Deserializing AMF/HTTP request
      Version: 3
      (Message #0 targetURI=null, responseURI=/1)
      (Array #0)
      [0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')
      operation = 5
      correlationId = ""
      messageId = "987088B3-4172-5E89-C9BA-A5C58325ABE9"
      body = (Object #1)
      clientId = null
      timeToLive = 0
      headers = (Object #2)
      DSId = "nil"
      timestamp = 0
      destination = ""

      [Flex] Executed command: (default service)
      commandMessage: Flex Message (flex.messaging.messages.CommandMessage)
      operation = client_ping
      clientId = D9B7365E-821B-0933-EB49-0778BC185020
      correlationId =
      destination =
      messageId = 987088B3-4172-5E89-C9BA-A5C58325ABE9
      timestamp = 1192487125922
      timeToLive = 0
      body = {}
      hdr(DSId) = nil
      hdr(DSEndpoint) = my-cfamf-secure
      replyMessage: Flex Message (flex.messaging.messages.AcknowledgeMessage)
      clientId = D9B7365E-821B-0933-EB49-0778BC185020
      correlationId = 987088B3-4172-5E89-C9BA-A5C58325ABE9
      destination = null
      messageId = D9B7365E-822E-51FF-4E91-C20D589B541F
      timestamp = 1192487125922
      timeToLive = 0
      body = null
      hdr(DSId) = D9B7365E-820A-23DC-E6BB-A423E671BF99

      [Flex] Serializing AMF/HTTP response
      Version: 3
      (Message #0 targetURI=/1/onResult, responseURI=)
      (Typed Object #0 'flex.messaging.messages.AcknowledgeMessage')
      timestamp = 1.192487125922E12
      headers = (Object #1)
      DSId = "D9B7365E-820A-23DC-E6BB-A423E671BF99"
      body = null
      correlationId = "987088B3-4172-5E89-C9BA-A5C58325ABE9"
      messageId = "D9B7365E-822E-51FF-4E91-C20D589B541F"
      timeToLive = 0.0
      clientId = "D9B7365E-821B-0933-EB49-0778BC185020"
      destination = null



      Can anyone help me here? Why can't I get my flex apps to send the gateway requests over https?

      Thanks.

      I should mention, i guess, that I'm using Flex Builder 3 Beta 1 and the Flex 2.0.1 SDK

      Coldfusion 8 Enterprise on Windows Server 2003, installed in multi-server mode

      Rick Root