The scenario is like this. Please see attached image.
1) The AIR app communicates with a weblogic app server. Interfacing with java backend through BlazeDS.
2) The requirement is that the AIR app should access this weblogic app server through SSO on a Weblogic Portal.
3) The weblogic portal accepts only HTTPS.
4) The authentication is through an Active Directory LDAP, which communicates only with the weblogic portal.
I noticed support is available in AIR/BlazeDS for direct authentication with Weblogic App server. However this wouldnt suit us as we have to authenticate through the Weblogic Portal which is using Active Directory LDAP. The SSO authentication will trigger a SAML transaction between the Weblogic Portal and the Weblogic App server backend.
My query is what would be the best method to interface the AIR app with the Weblogic portal. Would the AIR app be capable of communicating over HTTPS directly to the Weblogic Portal. Which is accepting an HTTPS form. Would it be better to place BlazeDS on the Weblogic Portal and send requests over secure AMF. The AIR app also has a web version which runs in the browser. The authentication requirement is similar for this web version.
Both an AIR app and its Flex or Flash counterpart should be able to connect to a server over HTTPS. I'll have to leave the rest of your questions to someone else with some experience with Weblogic.
HTTPS channels are supported as mentioned at the following site.
Although the impression I get is that the secure AMF channel would need BlazeDS at the server side and the HTTPS channle would not , I need a confirmation on this.
I am hoping I could avoid installing BlazeDS on the Portal for authentication and use the currently available java backend which authenticates by reading an HTTPS form and then sending login credentials to an LDAP.