0 Replies Latest reply on Sep 15, 2010 4:21 PM by DPDP1234

    Flex 4 SOAP on Apache - Security Error

    DPDP1234

      Hi,

       

      I am trying to use Flex as a Soap Client using a third party wsdl. This works fine via Flex Builder but I see the following error when I deploy the same in apache

       

      [RPC Fault faultString="Security error accessing url" faultCode="Channel.Security.Error" faultDetail="Unable to load WSDL. If currently online, please verify the URI and/or format of the WSDL (http://www.company.net/company.wsdl)"]
      at mx.rpc.wsdl::WSDLLoader/faultHandler()[E:\dev\4.x\frameworks\projects\rpc\src\mx\rpc\wsdl \WSDLLoader.as:103]
      at flash.events::EventDispatcher/dispatchEventFunction()
      at flash.events::EventDispatcher/dispatchEvent()
      at HTTPOperation/http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()[E:\dev\4.x\frameworks\proje cts\rpc\src\mx\rpc\http\HTTPService.as:989]
      at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/mx/internal::faultHandler()[E:\dev\4.x\frameworks\projects\ rpc\src\mx\rpc\AbstractInvoker.as:350]
      at mx.rpc::Responder/fault()[E:\dev\4.x\frameworks\projects\rpc\src\mx\rpc\Responder.as:68]
      at mx.rpc::AsyncRequest/fault()[E:\dev\4.x\frameworks\projects\rpc\src\mx\rpc\AsyncRequest.a s:113]
      at DirectHTTPMessageResponder/securityErrorHandler()[E:\dev\4.x\frameworks\projects\rpc\src\ mx\messaging\channels\DirectHTTPChannel.as:432]
      at flash.events::EventDispatcher/dispatchEventFunction()
      at flash.events::EventDispatcher/dispatchEvent()
      at flash.net::URLLoader/redirectEvent()

       

      Now I realize this is due to Apache's sandbox checks, so I have already tried using crossdomain.xml, please see below:

       

      <?xml version="1.0"?>
      <!DOCTYPE cross-domain-policy SYSTEM "/cross-domain-policy.dtd">
      <cross-domain-policy>
      <site-control permitted-cross-domain-policies="all"/>
      <allow-access-from domain="*" to-ports="*" secure="false"/>
      <allow-http-request-headers-from domain="*" headers="*" secure="false" />
      </cross-domain-policy>

       

       

      I have placed this in apache's htdocs directory.

       

      I read that this is to be placed by the wsdl host, but that cannot be done. What is my work around to get this done with the current limitations?

       

      I haven't explored the proxy solution in depth.

      Any pointers to get this working would be very helpful.