2 Replies Latest reply on Dec 14, 2011 11:13 AM by pbeltranl

    Flex & Java/Axis2 WebServices

    nhiggs
      Hi! I'm having some problems with the configuration of a secure java webservice in Flex with BlazeDS.

      Currently I'm defining a destination in the proxy-config.xml (as suggested in
      http://learn.adobe.com/wiki/display/Flex/Creating+a+BlazeDS+web+service+application+in+Fle x+Builder) like this:

      <destination id="test">
      <properties>
      <wsdl> http://localhost:8080/axis2/services/my_service?wsdl</wsdl>
      <soap>*</soap>
      </properties>
      <adapter ref="soap-proxy"/>
      </destination>

      In my view I have my Webservice configured to useProxy=true, but when I call it, I'm getting this error

      A destination that allows multiple domains or ports does not allow authentication

      Anyone could give me any clues?

      Thank you very much!!!
        • 1. Re: Flex &amp; Java/Axis2 WebServices
          athiagarajan
          Try this ( it works .. I had a simillar problem.. and I tried this)
          ===========================
          <destination id="test">
          <properties>
          <wsdl> http://localhost:8080/axis2/services/my_service?wsdl</wsdl>
          <soap> http://localhost:8080/axis2/services/my_service</soap>
          </properties>
          <adapter ref="soap-proxy"/>
          </destination>

          ===========================

          But this is not working .. in BLAZEDS
          - when I tried to pass the authentication info along with the rest of the details.
          - there are no good examples explaing how to get these working..

          <destination id="test">
          <properties>
          <wsdl> http://localhost:8080/axis2/services/my_service?wsdl</wsdl>
          <soap> http://localhost:8080/axis2/services/my_service</soap>
          </properties>
          <remote_username>xxxx</remote_username>
          <remote_password>xxxx</remote_password>
          <adapter ref="soap-proxy"/>
          </destination>
          • 2. Re: Flex &amp; Java/Axis2 WebServices
            pbeltranl Level 1

            This security constraint looks really quite odd. In my case, and I think it's a quite general scenario, I don't know the final urls, so I cannot configure destinations as described above.

             

            The business case: I'm writting a mobile app to access SharePoint by using webservices. SharePoint allows a lot of sites and subsites. Each site has its own url to access from browsers and other to access from webservices.

             

            Example:

             

            and companies can have a lot of sites and subsites. So, the SharePoint administrator should synchronize the proxy-config.xml file in order to provide access to all the SharePoint sites from BlazeDS. It's even worst when you devlop a generic product and you know nothing about the urls of your customers. Will you provide instructions to all Windows administratos to configure BlazeDS???

             

            In the cases described above, urls must be dynamic. But DlazeDS does not allow them whether they require remote authentication. It's simply absurd. Furthermore, BlazeDS becomes contradictory: If you use dynamic urls (any), BlazeDS requires protect destinations by using server authentication at proxy level (Tomcat, for example). After, BlazeDS denies access to them because they require remote authentication (SharePoint, for example). Has it sense?

             

            Regarding my particular case: End urls (SharePoint) are protected by authentication (Windows NTLM). BlazeDS proxy is also protected by authentication (mandatory to use dynamic urls). And I've removed the bizarre security constraint from BlazeDS source code in order to allow to use dymanic urls requiring remote authentication.... and it works. Now, my app can connect to any url introduced at real time, without configuring destinatons in any BlazeDS file. i don't see how it can compromise security becase users must authenticate in two servers (proxy+remote) prior to access any data. Of course, proxy authentication is managed by the app in order to keep things as much simple as possible for end users.

             

            Regards,

            Pablo.