« 10 Google Map Mashups, Vote for the 1 Flex
Notes on learning Cairngorm »

Remote Object for both HTTPS and HTTP

One of my main Flex projects is a content management system.  It is continually being developed and is in production as my employer’s backend.  I hope to make it an even more usable CMS solution by making it where it can be deployed for other websites.

With that future goal in mind, I needed to revisit my services-config.xml file.  I use AMFPHP and had previously hardcoded the endpoint.  We use SSL because the backend is used for more than just editing web pages.  So for it to work on another site, I would needed to edit the services-config.xml file and recompile.

I did a google search on services-config secure and found this page which was very helpful. This page was also an interesting read. Before reading these, I did not know you could use the tokens {server.name} and {server.port} in your services-config.xml file.

Here is my new services-config.xml file that will use SSL if the page is using SSL and regular HTTP if it is not.  I verified it was indeed using SSL with Charles.

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <services-config>
  3.  <services>
  4.   <service id="amfphp-flashremoting-service" class="flex.messaging.services.RemotingService" messageTypes="flex.messaging.messages.RemotingMessage">
  5.    <default-channels>
  6.     <channel ref="my-secure-amfphp"/>
  7.     <channel ref="my-amfphp"/>  
  8.    </default-channels>
  9.    <destination id="amfphp">
  10.     <channels>
  11.      <channel ref="my-secure-amfphp"/>
  12.      <channel ref="my-amfphp"/>
  13.     </channels>
  14.     <properties>
  15.      <source>*</source>
  16.     </properties>
  17.    </destination>
  18.   </service>
  19.  </services>
  20.  <channels>
  21.   <channel-definition id="my-secure-amfphp" class="mx.messaging.channels.SecureAMFChannel">
  22.    <endpoint uri="https://{server.name}:{server.port}/amfphp2/gateway.php" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
  23.    <properties>
  24.     <add-no-cache-headers>false</add-no-cache-headers>
  25.     <polling-enabled>false</polling-enabled>
  26.     <serialization>
  27.      <instantiate-types>false</instantiate-types>
  28.     </serialization>
  29.    </properties>  
  30.   </channel-definition>
  31.   <channel-definition id="my-amfphp" class="mx.messaging.channels.AMFChannel">
  32.    <endpoint uri="http://{server.name}:{server.port}/amfphp2/gateway.php" class="flex.messaging.endpoints.AMFEndpoint"/>
  33.    <properties>
  34.     <add-no-cache-headers>false</add-no-cache-headers>
  35.     <polling-enabled>false</polling-enabled>
  36.     <serialization>
  37.      <instantiate-types>false</instantiate-types>
  38.     </serialization>          
  39.    </properties>  
  40.   </channel-definition>
  41.  </channels>
  42. </services-config>

The only problem with this solution is that when on an http page, the swf will try to access crossdomain.xml via https. On Firefox and IE this silently fails. However on Safari (version 3.1.1 as of this writing) this causes the browser to stall indefinitely if you do not have a signed certificate.

Safari will not prompt you to accept the certificate, nor will it silently fail like the other browsers. Since my application is the backend for a CMS, I just went to the homepage via https and accepted the certificate permanently. However, that would not be a good solution for a public application.

This entry was posted on Wednesday, June 11th, 2008 at 2:52 pm and is filed under Flex. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Remote Object for both HTTPS and HTTP”

  1. Joshua Curtiss Says:
    June 11th, 2008 at 11:46 pm

    Hey, thanks for finding my page! Glad it helped!

  2. Sd.plox Says:
    October 28th, 2008 at 1:55 pm

    really useful thanks : )

Leave a Reply