I have an application running on flex and php, connected using amfphp, i added a secure channel to services.conf of amfphp [code]how do i know if flex is actually using this secure channel? i tried [code]from the php side and they are both false ... but if i remove these checks it works fine, I'm using wamp, with mod_ssl, and working from localhost
I'm having trouble with an AS3 AMF RemoteObject request that is hosted on App Engine. I have a crossdomain.xml file in the root of the domain, and also one at the remoting endpoint.Here are the contents of the root crossdomain.xml:
Loading the swf file and testing it on my machine works just fine... I think that may have something to do with me having the debugger version of Flash Player. When I push it up to App Engine to make it public, other clients access it and get a Client.Error.MessageSend Channel.Security.Error error Error #2048 url: http:[url].......I am using Flex 4 beta, and the App Engine Python runtime. I have tried full wildcard in the crossdomain, and even accessing the data endpoint at a relative URL so as to avoid this error.
An Adobe FLEX 4 object loads from a webpage and runs in the browser. The connection between browser and server is secured using SSL over HTTP (HTTPS) with a secure certificate from a valid Certificate Authority.
Can FLEX code read the secure certificate information and retrieve information such as to whome the certificate was issued, when it is valid, and for what domain it was issued, etc. ?
I am encountering a weird problem. I have a flex application that calls a HTTPService from another domain to retrieve some data. I have created a crossdomain.xml in my flex application with <allow-access-from domain="*"/>.
When i run my application http:[url]...., i can retrieve the data without error.But if i run my application http:[url]....., i encounter the Channel.Security.Error.
i need to connect to two different domains from a single flex application. the problem is the domain other than the current hosted domain is unable to login. letz say i hosted the application at LOCAL server. im able to login to the local server . From the existing application i need a login to the MAIN server too. The problem comes up here. flash security is not allowing login to MAIN server. in crossdomain we allow-access-from MAIN server. but i want access to the MAIN server from LOCAL server. is ther nything i need to put extra in [URL]?
I tried to deploy my otherwise working flex app on a web server (tomcat 6).It threw a Channel.Security.Error.After some research, I became aware that flash movie loaded from flash_movie_domain will not be able to load resource from any other domain.Some suggested adding a crossdomain.xml.However, the crossdomain.xml route doesn't quite make sense.In this case, I am loading resources from a third party web site.My understanding is that I need this third party website to include a crossdomain.xml on their root directory in order for app to function.The third party web service is provided as is. I will not be able to change what's given. Since the third party is providing public access, it already explicitly give permission to the general public. Adding a crossdomain.xml to their root seems to be a redundant act?
I tried asking this on the Spring forums ([URL]) but did not get a response. I'm working on a web application that has an (end user) user interface built in Flex and a management user interface built using Spring MVC. I'm trying to secure both interfaces and can get each one working separately, but not together. I'm using a snapshot build of spring-flex-core 1.5.0 with Spring Security 3.1RC1 and Spring 3.1M1
[Code]...
I'm obviously missing something but while the Spring Flex documentation describes how to configure a hybrid MVC+Flex application at the servlet level it appears to only consider security from the perspective of a flex-only application.
We are planning a desktop client application with Adobe AIR. The client app will be delivered to our customers with a database, which contains monthly updated marketing data provided by our company. As different customers will buy different sets of data from us, for example, a customer is only interested in marketing data in a specific product category, while another customer need all data in a certain region. After a customer installs this client app, new data will be emailed to the customer every month.
So, the requirement is to keep the data accessible only by the customer who bought it. After reading through AIR's secure local store and database encryption feature, I came up with the following design: each customer will have his own secret key (stored in AIR's secure local store), the secret key is used to encrypt the data that the customer has purchased. Of course, the monthly data that we sent to the customer will be encrypted using the same secret key. So my questions are: is AIR's database encryption and secure local store secure enough for this use case? If someone gets the encrypted database file, can he decrypt the DB?
Alright so I'm making a website for my friends band, and they want to have a music player to play their MP3's. One of the things I'm concerned about though, is the security of the MP3 files. Their albums are on iTunes to buy, so I'm looking for what the best option to have the MP3s be played but not be able to be downloaded and saved.The best thing I can think of is embedding the MP3's inside a Flash music player, but that would be more work than it's worth it seems.
I'm working on a site which allows people to pay to stream videos online. I'm currently using JW Player to stream FLV/F4V files from Amazon S3, using a signature.This method is extremely unstable, and needless to say, useless. I've heard I can use Amazon CloudFront as a CDN for my videos. But that it won't make the files any more secure, if I've understood it correctly.Price is an important thing. I know hosting/streaming video is expensive, but what are my best options, for a cheap, reliable, and as-safe-you-can solution for me? I have very little hosting experience,
I have a flex application, running with amfphp and connected to wamp, I want to use a secure connection using ssl, but my whole application is running from the same swf file, would using ssl in that case mean that all the data, being sent and received between the server and client ,encrypted? Because this is not what I'm trying to do, I only want to encrypt the sign up and sign in data.
please note that, I have log-in bar which is visible the whole time as long as the user is not signed in.in other words, I only want to secure some of the data being transferred not every thing.
I'll try to focus on the problem which takes place in a whole system.To sum up, I have 2 entities (MySQL) :
create table AAA ( id_AAA int not null auto_increment, id_BBB int,
[code]....
I retrieve all my BBB, they are mapped from PHP classes (generated by Propel) to AS3 classes on the Flex side.But when I create a AAA row in the database.I retrieve all my BBB, and all objects are mapped EXCEPT the BBB whose id corresponds to the foreign key in the inserted AAA row.
if you know anything about how AMFPHP / Propel / Flex are dealing with Foreign Keys and why class mapping is failing right here.The weird thing is that it seems to happen only for this specific case ...
I'm trying to connect to AMFPHP over SSL (self-signed) from a Flex 4.5 application.Will this work? Or do I need an authority-signed certificate?Will it silently fail or prompt user like it does in browser?How do I need to edit the services-config.xml file for this to work?
I'm looking for a way to catch an Exception thrown by PHP in Flex using HTTPService. Is it possible to do it without using AMFPHP?
In my current implementation, if an Exception is thrown in PHP, a FaultEvent.FAULT is indeed dispatched on Flex side. The only problem is that the exception's message string is nowhere to be found in FaultEvent.[code]...
I am using remote object in flex to call a method in amfphp. I have project setup properly with a services-config.xml in d src, d end point uri pointing to the gateway.php. After testing on my localhost everything works fine but when I copied my files to a remote server repoint the uri in d servies-config and then recompiling the application gives a sending failed error.
What's the best way to secure a Flex-BlazeDS application? I've googled it an several solutions came up.UPDATE after question from jsight:Flex would login, so on the RemoteObject I'll set Credentials I don't know if there comes authentication and authorization with BlazeDS (WebORB for instance does and WebORB looked at BlazeDS for their product) SSL not needed 've seen some links on the internet talking about spring security, so I'll check that out.
i recently had a look to the tutorial for custom authentication within a flex application. The login is managed by getting the ChannelSet from a RemoteObject:
private function creationCompleteHandler():void { if (cs == null) cs = ServerConfig.getChannelSet(remoteObject.destination);
[Code]....
After that the channlset can be used with the login command of ChannelSet. How can i insure that this is using a secure connection? I know that there is a amf channel and a secure amf channel. But how to tell to provide the credentials in a secure connection?
Please is there any open source solution that can help me to secure the source code of a project that is developed by too many developers from being copied of stolen by the team member?My Boss asked me to find a solution that put all the project in the server and allow all the developers to develop on the server from their computers, is this possible?
I am creating some application in flex and one of my purposes is to read content of file and display it in flex. There is huge problem, when I have file written in polish (which contains some special characters) because amfphp transfers this contents few seconds, which is to long (reading and sending content of file without any polish character if fast).My php code reads any files fast, so problem is on amfphp side. Is there any solution or I have to go with HTTPService and load contents of file directly from flex?
If you subcribe a Consumer in Flex, you need to assign a ChannelSet to the Consumer. In my case, I create a ChannelSet and then add a Channel to that ChannelSet.Apparently, the added channel is the current channel of the ChannelSet. But what if I would add two Channels to the ChannelSet? Do I need to set the currentChannel before subcribing?If there are two channels in the ChannelCet, and I trigger the login method on the ChannelSet, will both Channels be authenticated and connected?
I have a swf which, for some reason, has four RemoteObjects pointing to the same ChannelId, but they are listing that channel as being at two different spots. In four of the five RemoteObjects, everything behaves as expected, but in the fourth (WidgetService), the version on dev is switching from dev.context.root toloc.context.root. To make matters more confusing, it only does this on the dev server (QA and production are fine, as are local builds).The relevant information from the config files follows:
#This is from build.properties, which is used by Ant #to build the swf on the server flex.sdk.dir = /path/to/sdk/flex_sdk_3.2.0.3958
I'm using NetConnection, NetStream and a flash.media.Video control to play back video files stored on the local machine. Works great for FLVs, and for H.264-encoded MP4s, but for non-H.264 MP4s, I often get audio, but no video.
I realize this is to be expected. What I'm wondering is whether there's a way to reliably detect that the video portion of the file is unplayable, irrespective of the audio. Of the many events available in NetStream, and even in the client callbacks (onMetaData, etc.), I don't see anything that explicitly informs for an unplayable video track -- I see NetStream.Play.NoSupportedTrackFound, and NetStream.Play.Failed, but for these videos -- i.e., playable audio, non-playable video -- I don't get either one, presumably because the audio works.
I am using Flex and php to develop my project. Everything works great in my local machine.However, when I upload my files to my serverI got the error when loading my flex application.The pop-up error message is
I have made a little mashup mixing maps, translate api and flickr. I get the directions from my map and make mp3 files on the fly to play them at the same time but they only play in firefox and for the rest of the browsers I only get my first sound channel with background music. can't figure out why.
I'm developing a chat system and i need to detect the FlexClient disconnect in Java, using the longpolling channel. I can't use the Streaming channel, because of some bugs that this kind of channel still has. Do you have any suggestion on how could i accomplish this? I'm using BlazeDS.