House of Fusion
Search over 2,500 ColdFusion resources here
  
Home of the ColdFusion Community

Mailing Lists
Home /  Groups /  Adobe Flex

Secure communication between Flex app and CFC

  << Previous Post |  RSS |  Tree View |  Sort Latest First |  Subscribe to this Group Next >> 

Secure communication between Flex app and CFC

Hi Damyano Damyanos 11/04/2010 04:17 AM
----- Excess quoted text cut - see Original Post for more ----- Dave Watts 11/04/2010 11:07 AM
Hi Dave Damyano Damyanos 11/07/2010 12:02 PM
> Thank you for your answer! Dave Watts 11/07/2010 12:40 PM
Hi Dave Damyano Damyanos 11/07/2010 02:32 PM
> I am using remoteobjects. So i did what you said. Dave Watts 11/07/2010 09:17 PM
Hi Dave Damyano Damyanos 11/09/2010 07:49 AM
> I have tried that but i don't have a clue how to see if the channel is Dave Watts 11/09/2010 08:50 AM
Hi Damyano Damyanos 11/11/2010 06:01 AM
Hi Damyano Damyanos 11/11/2010 06:02 AM
----- Excess quoted text cut - see Original Post for more ----- Dave Watts 11/11/2010 07:56 AM

11/04/2010 04:17 AM
Author: Damyano Damyanos Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6517 Hi I would like to make secure communicatoin between Flex app and CFC. I am not sure what is the whole process? I would appreciate any help. I have seen this in the Coldfusion Administrator, but i don't know do i need it and how to use it? Enable RMI over SSL for Data Management Lets you use Secure Socket Layer (SSL) encryption for the RMI communication between Flex and ColdFusion. This is not required unless you are transmitting authentication information or confidential data between Flex and ColdFusion over an unsecured network. You must provide a keystore file and keystore password. For instructions on how to create a keystore file, see the online Help Thank you in advance!
11/04/2010 11:07 AM
Author: Dave Watts Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6518 ----- Excess quoted text cut - see Original Post for more ----- Are you just invoking CFCs from your Flex app via RemoteObject or WebService? If so, all you need to do is put those CFCs behind SSL - there's no switch in the CF Admin for this, you just configure your web server. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite
11/07/2010 12:02 PM
Author: Damyano Damyanos Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6520 Hi Dave Thank you for your answer! That it nice, then the flex app i have is already secured. But i would like to ask why should one set in services-config: <add-no-cache-headers>false</add-no-cache-headers> and remoting-config: <channel ref="my-cfamf-secure"/> ?  I read about this in many places. Thanks!
11/07/2010 12:40 PM
Author: Dave Watts Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6521 > Thank you for your answer! > That it nice, then the flex app i have is already secured. > > But i would like to ask why should one set in services-config: <add-no-cache-headers>false</add-no-cache-headers> and > remoting-config: <channel ref="my-cfamf-secure"/> ?  I read about this in many places. If you're using RemoteObject, you need to have a corresponding channel that uses the HTTPS port (typically TCP/443). You should already have that channel defined by default ("my-cfamf-secure"). If you're using WebService, you don't need to define a channel at all. I thought that the add-no-cache-headers setting was set to false by default now, but I could be wrong about that. Again, though, that only affects RemoteObject, not WebService. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite
11/07/2010 02:32 PM
Author: Damyano Damyanos Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6522 Hi Dave Thank you very much again! Very helpfull answer for me! I am using remoteobjects. So i did what you said. And it looks working. But i don't know how can i be secure that the communication is secure. I mean, is there some way to verify that the communication is secure? Where/How i can verify it when i have done it? Thank you!
11/07/2010 09:17 PM
Author: Dave Watts Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6523 > I am using remoteobjects. So i did what you said. > And it looks working. But i don't know how can i be secure that the communication is secure. I mean, is there some way to verify > that the communication is secure? Where/How i can verify it when i have done it? Sure, you can verify that you're connecting on the SSL port instead of the plaintext port. You can do this in several places, but the easiest is probably just to add TraceTarget to your application and look at your console. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite.
11/09/2010 07:49 AM
Author: Damyano Damyanos Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6524 Hi Dave I have tried that but i don't have a clue how to see if the channel is secured. Would you help me wiht it? Thank you so much for all ur answers! ----- Excess quoted text cut - see Original Post for more -----
11/09/2010 08:50 AM
Author: Dave Watts Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6525 > I have tried that but i don't have a clue how to see if the channel is secured. Put TraceTarget into your declarations, then debug your application. The console should then show you how you're connecting, among other things. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite.
11/11/2010 06:01 AM
Author: Damyano Damyanos Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6527 Hi Still no luck :( I was searching the logs and i found this: java.lang.NullPointerException   at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:285)   at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)   at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)   at jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.java:320)   at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)   at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java:266)   at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66) Any ideas? Thank you!
11/11/2010 06:02 AM
Author: Damyano Damyanos Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6528 Hi I have no luck still. I've been searching in the logs for some info, and i found this: java.lang.NullPointerException   at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:285)   at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)   at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)   at jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.java:320)   at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)   at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java:266)   at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66) Any ideas? Thank you!
11/11/2010 07:56 AM
Author: Dave Watts Short Link: http://www.houseoffusion.com/groups/flex/thread.cfm/threadid:2142#6529 ----- Excess quoted text cut - see Original Post for more ----- That could mean almost anything. It doesn't look like it has anything to do with SSL, though. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training
<< Previous Thread Today's Threads Next Thread >>

Search flex

November 01, 2014

<<   <   Today   >   >>
Su Mo Tu We Th Fr Sa
             1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30             

Designer, Developer and mobile workflow conference