25 Replies Latest reply on Aug 22, 2007 12:32 PM by JoshBeall

    https webservice issue

    JRH@C
      I have a Flex 2 app (which I successfully ported to Apollo) that calls a webservice over https. This works fine.

      I took the same code and put it in a Flex 3 AIR project (and then subsequently into just a Flex 3 project) and I get this error:

      [RPC Fault faultString="[MessagingError message='Destination
      'DefaultHTTPS' has no channels defined and the application does not
      define any default channels.']" faultCode="InvokeFailed"
      faultDetail="Unable to load WSDL. If currently online, please verify
      the URI and/or format of the WSDL

      I'm not using FDS/LiveCycle, I have crossdomain.xml setup properly and it all works fine in Flex 2. It also works fine via http in Flex 3; it's just https that's the problem.

      Does anyone have any ideas?
        • 1. Re: https webservice issue
          Peter Farland Level 3
          To work around this issue, you must programmatically set useProxy = false; after you have set the wsdl property (or if you're using MXML tags, you still must set useProxy = false; in ActionScript before you invoke the operation regardless of whether it was specified as such via tag attribute).
          • 2. https webservice issue
            JRH@C Level 1
            Thanks, but that doesn't work. I tried both the mxml declaration with this property also set in actionscript before the method call,

            <mx:WebService id="cuMemStats"
            wsdl="https://MyURLHere?wsdl"
            useProxy="false" showBusyCursor="true">
            <mx:operation name="getMemory" result="processWSResult()">
            <mx:request/>
            </mx:operation>
            </mx:WebService>

            private function doWS():void {
            cuMemStats.useProxy = false;
            cuMemStats.getMemory.send();
            }

            as well as a pure actionscript call:

            private function doWS():void {
            cuMemStats.useProxy = false;
            cuMemStats.wsdl = "https://MyURLHere?wsdl";
            cuMemStats.addEventListener("fault", httpFault);
            cuMemStats.getMemory.addEventListener("result",processWSResult);
            cuMemStats.loadWSDL();
            cuMemStats.getMemory();
            }

            private function httpFault(event:FaultEvent):void {
            var faultstring:String = event.fault.faultString;
            Alert.show(faultstring);
            }

            In both cases https gives me:

            [MessagingError message='Destination 'DefaultHTTPS' has no channels defined and the application does not define any default channels.']

            while http works fine.
            .
            • 3. Re: https webservice issue
              JRH@C Level 1
              No other ideas? Should I file a bug?
              • 4. Re: https webservice issue
                Peter Flynn (Adobe) Adobe Employee
                I'm no expert in this area. If you don't hear back from others soon, feel free to file a bug at:
                http://bugs.adobe.com/flex

                One thing I notice at a glance, tough, is that your two examples differ:
                cuMemStats.getMemory.send(); vs. cuMemStats.getMemory();
                Not sure if that could cause any problems.

                - Peter
                • 5. https webservice issue
                  JRH@C Level 1
                  Thanks; that's the correct way to call the webservice in each case. When a WS is declared with MXML, the send() method needs to be called on the declared operation. With pure AS, you call the WS method on the WS object directly.
                  • 6. Re: https webservice issue
                    Peter Farland Level 3
                    In your pure AS case, you're calling useProxy=false BEFORE setting the wsdl property, the work around requires that it is always set AFTER setting the wsdl property (and BEFORE calling loadWSDL()).
                    • 7. Re: https webservice issue
                      JRH@C Level 1
                      This produces exactly the same result:

                      cuMemStats.wsdl = "https://my_webservice_here.cfc?wsdl";
                      cuMemStats.useProxy = false;
                      cuMemStats.loadWSDL();
                      cuMemStats.addEventListener("fault", httpFault);
                      cuMemStats.getMemory.addEventListener("result",processWSResult);
                      cuMemStats.getMemory();
                      • 8. Re: https webservice issue
                        JRH@C Level 1
                        I've logged https://bugs.adobe.com/jira/browse/SDK-11339 against this. If others could test this please do.
                        • 9. Re: https webservice issue
                          Peter Farland Level 3
                          If you contact me directly I can send you an updated rpc.swc to test.

                          pfarland@adobe.com
                          • 10. Re: https webservice issue
                            80g
                            I am having this exact same issue. I posted to flexcoders though. I'll contact Pete as well.
                            • 11. Re: https webservice issue
                              JRH@C Level 1
                              Pete's fix worked perfectly, so hopefully he can assist you too.
                              • 12. Re: https webservice issue
                                JeffWS
                                I get the exact same error with Flex 2 service pack 3. HTTP works fine, HTTPS channel error. Tried all of the recommended settings. Any ideas?

                                Maybe someone post a working sample for Flex 2 with service pack 3?

                                Thanks.
                                • 13. Re: https webservice issue
                                  Peter Farland Level 3
                                  It should be possible to work around this without the patch that I sent to James. Try this variation:

                                  cuMemStats.wsdl = "https://my_webservice_here.cfc?wsdl";
                                  cuMemStats.destination = "DefaultHTTPS";
                                  cuMemStats.useProxy = false;
                                  cuMemStats.loadWSDL();
                                  cuMemStats.addEventListener("fault", httpFault);
                                  cuMemStats.getMemory.addEventListener("result", processWSResult);
                                  cuMemStats.getMemory();
                                  • 14. Re: https webservice issue
                                    DanitoV
                                    This is a Bug on FB3?, when is fixed?
                                    • 15. Re: https webservice issue
                                      Peter Farland Level 3
                                      In FB3 Beta 2.
                                      • 16. Re: https webservice issue
                                        odyssey27 Level 1
                                        Pete, FWIW your example works fine for me in beta 1 on httpService calls.
                                        • 17. Re: https webservice issue
                                          JoshBeall Level 1
                                          quote:

                                          Originally posted by: pete
                                          It should be possible to work around this without the patch that I sent to James. Try this variation:

                                          cuMemStats.wsdl = "https://my_webservice_here.cfc?wsdl";
                                          cuMemStats.destination = "DefaultHTTPS";
                                          cuMemStats.useProxy = false;
                                          cuMemStats.loadWSDL();
                                          cuMemStats.addEventListener("fault", httpFault);
                                          cuMemStats.getMemory.addEventListener("result", processWSResult);
                                          cuMemStats.getMemory();


                                          This isn't working for me. My code is attached. When I attempt to call the web service I get the following printed to the console:

                                          Connection to https:/intranetserver:40403/RECustom.asmx?WSDL halted - not permitted from http://localhost/Flex/WebServicesSandbox/bin/WebServicesSandbox.swf

                                          Yes, I do have crossdomain.xml in place. This is evidenced by the fact that changing the protocol to HTTP fixes things.

                                          Code:
                                          • 18. Re: https webservice issue
                                            Peter Farland Level 3
                                            Does this https server require authentication?

                                            Does it happen only on Firefox? Or only on MSIE?
                                            • 19. Re: https webservice issue
                                              JoshBeall Level 1
                                              quote:

                                              Originally posted by: pete
                                              Does this https server require authentication?
                                              It does not (although that's something we'll be changing in the near future, so I need to learn how to pass in credentials in Flex).



                                              quote:

                                              Originally posted by: pete
                                              Does it happen only on Firefox? Or only on MSIE?
                                              Both Firefox 2 and IE7.


                                              I just did a packet capture, and it seems pretty clear to me that the problem is tied to the request for crossdomain.xml or the WSDL. Both the crossdomain.xml file and the WSDL are there, and can be retrieved just fine via the browser (with HTTP or HTTPS).

                                              When I load up the Flex app (which will attempt to retrieve the WSDL on creationComplete for the app), I see some packets go to our webservices machine on port 40403. I can't see the payload because it's encrypted. I then immediately get a fault event fired in my Flex app. At this point the web service has never actually been called, it's just the WSDL that is attempted to be loaded.

                                              I wonder if it has something to with our nonstandard port use?
                                              • 20. Re: https webservice issue
                                                JoshBeall Level 1
                                                JFYI, I tried another webservice we have, running on the standard HTTPS port (443), and it exhibited the same behavior, so I don't think my problem is only because we're using a nonstandard port.

                                                -Josh
                                                • 21. Re: https webservice issue
                                                  Peter Farland Level 3
                                                  Can you look at the HTTP response headers closely and search whether there are any Pragma: no-cache, Cache-Control: no-cache, or Expires: headers? Each of these can cause problems in MSIE with SSL.

                                                  Another situation that can cause problems is whether your web server is using chunked-encoding for HTTP responses in addition to gzip compression. Do you think this is the situation with your response?
                                                  • 22. Re: https webservice issue
                                                    JoshBeall Level 1
                                                    Here are the complete request and response headers for crossdomain.xml (nothing else is requested after this). BTW, I'm using Firefox primarily, though I get the same behavior in IE.

                                                    We are not using gzip compression. I'm not sure about chunked encoding; We're using IIS6 on Win2003 in it's default state (at least in regards to chunked encoding). I don't see anything about chunked encoding in this set of headers, although with larger documents it is possible that IIS will do chunking. I'm not enough of an expert in regards to IIS handling of HTTP transactions.

                                                    GET /crossdomain.xml HTTP/1.1
                                                    Host: webservices.hslda.org:40403
                                                    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
                                                    Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png ,*/*;q=0.5
                                                    Accept-Language: en-us,en;q=0.5
                                                    Accept-Encoding: gzip,deflate
                                                    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
                                                    Keep-Alive: 300
                                                    Connection: keep-alive

                                                    HTTP/1.x 200 OK
                                                    Content-Length: 196
                                                    Content-Type: text/xml
                                                    Last-Modified: Mon, 13 Aug 2007 19:14:13 GMT
                                                    Accept-Ranges: bytes
                                                    Etag: "c2b7022deddc71:b72"
                                                    Server: Microsoft-IIS/6.0
                                                    X-Powered-By: ASP.NET
                                                    Date: Wed, 15 Aug 2007 15:14:43 GMT
                                                    • 23. https webservice issue
                                                      JoshBeall Level 1
                                                      Incidentally, I tried using URLLoader to directly request crossdomain.xml.

                                                      I got this error:

                                                      Connection to https://webservices.hslda.org:40403/crossdomain.xml halted - not permitted from http://localhost/Flex/WebServicesSandbox/bin/WebServicesSandbox-debug.swf
                                                      Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: http://localhost/Flex/WebServicesSandbox/bin/WebServicesSandbox-debug.swf cannot load data from https://webservices.hslda.org:40403/crossdomain.xml.
                                                      at WebServicesSandbox()[D:\dev\Flex\WebServicesSandbox;;WebServicesSandbox.mxml:17]
                                                      at _WebServicesSandbox_mx_managers_SystemManager/create()
                                                      at mx.managers::SystemManager/mx.managers:SystemManager::initializeTopLevelWindow() [E:\dev\flex_3_beta1\sdk\frameworks\projects\framework\src;mx\managers;SystemManager.as:2 389]
                                                      at mx.managers::SystemManager/mx.managers:SystemManager::docFrameHandler() [E:\dev\flex_3_beta1\sdk\frameworks\projects\framework\src;mx\managers;SystemManager.as:2 290]
                                                      at [execute-queued]

                                                      Wait a second -- if it can't load crossdomain.xml via HTTPS, doesn't that we won't be able to access anything via HTTPS not on the same host? Well, yes, that's exactly the case. And if I put the webservices on the same domain as the swf, and request it that way, everything works nicely via HTTPS.

                                                      So it's clearly related to the security paradigm we're using with the crossdomain.xml file. It looks like it can't load the crossdomain.xml file, or if it does load it, it doesn't set the security permissions correctly for HTTPS requests (e.g., by allowing/disallowing them based on what appears in the crossdomain.xml).

                                                      -Josh
                                                      • 24. Re: https webservice issue
                                                        Peter Farland Level 3
                                                        If you'd like to discuss this offline in order to provide more information, please email me at pfarland@adobe.com directly.
                                                        • 25. Re: https webservice issue
                                                          JoshBeall Level 1
                                                          In my case it turned out the problem was related to requesting the SWF via HTTP, and having it connect to a web service via HTTPS. Security precautions in the flash player require the HTTPS web services be consumed by SWFs delivered via HTTPS. I believe you can relax this restriction in your crossdomain.xml file, but I haven't tried it -- we'll just use HTTPS at all points where data is being transferred.

                                                          -Josh