Some background: I have a Flex app embedded in an HTML page and am using Flex to send a soap request to my Java backend that does some authentication depending on the username and password entered in the Flex form. If I enter the correct login everything works fine and the Flex app can continue making further requests. But with an incorrect username/password, an "Authentication Required" dialog box pops up in my Browser and my Flex app won't respond with its proper handler until I click cancel. I'd like to get rid of the dialog box somehow,
I tried asking this on the Spring forums ([URL]) but did not get a response. I'm working on a web application that has an (end user) user interface built in Flex and a management user interface built using Spring MVC. I'm trying to secure both interfaces and can get each one working separately, but not together. I'm using a snapshot build of spring-flex-core 1.5.0 with Spring Security 3.1RC1 and Spring 3.1M1
I'm obviously missing something but while the Spring Flex documentation describes how to configure a hybrid MVC+Flex application at the servlet level it appears to only consider security from the perspective of a flex-only application.
I'm using Spring, Spring Security, BlazeDS, Flex and spring-flex.I know that I can call channelSet.login() and channelSet.logout() to hook into Spring Security for authentication.channelSet.authenticated apparently only knows about the current Flex session, as it always starts off as false, until you call channelSet.login().hat I want to do: Check from Flex to know if a user is already in a session.
We have a Flex-BlazeDS-Spring-JMS application. The issue is sometimes we get a Blazeds error: NoSuchMethodException. It is not able to find the Java service. The weird issue with this it does not happen all the item...1 time it goes through and returns the result, the 2nd time it fails, 3rd time fails and so on. Also not all methods fail, only 2 method calls fail.
The reference doc ( here ) tells us to download the sample application: Included in the project distribution is a collection of samples called the Spring BlazeDS Integration Test Drive. This samples project is set up to be built with Maven and then imported into Eclipse for running the application via WTP.
The samples in question, must either be spring-flex-testdrive-spring3.zip which is linked to in the document or spring-flex-testdrive-spring3.zip based on the notion that this is release 1.5.0.M1 (docs and samples).After I configure maven as described with the proper environment variable:
I'm trying to figure out the best way to leverage a vanilla HttpServlet from a Spring-Flex (with BlazeDS) project I'm working on. My team has an HttpServlet that they've used in the past (that some other team built) that processes a request given some key/value pairs passed over HTTP GET. I want to use this HttpServlet class to do the same work, but I want to call it in Java, when my Flex client invokes a method on a Service. Ideally, the class invoking the HttpServlet can use the standard @Service and @RemotingDestination annotations (see here).
So, this is the HttpServlet: import java.io.IOException; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.net.HttpURLConnection; import java.net.URL; [Code] .....
How to write my @Service class. I've tried going down a few different roads, but haven't had much luck. So far, I've considered and come up with secondary questions on the matter (but I've yet to work out the solution): Do I need a @Controller for this sort of work? Do I need a Servlet Factory? Can the HttpServlet be a Spring managed bean, and call the ASP page another way? (I like this idea least) Should I call the HttpServlet from Flex, and leverage logging and data the Servlet needs with a Remote Object? The reason for my stubbornness in wanting to do this from Java is that I want to do some logging, and maybe leverage some other Singleton beans in the scope of the @Service class. However I work this out, I want to be as close to "Best Practices" as possible.
I am developing a IT Monitoring Dashboard for the company I work at. The system will primarily perform monitoring of files, databases and servers. There will be a small part of the system which will allow the users to configure static data about the system eg: file locations, server names etc...
So as the app. will be a dashboard a lot of the application will consist of publishing data to the flex client to update all the monitoring views. So there will be limited database activity ie: insert/update/deletes.
Are there any differences implementing Flex application security in a clustered Java environment (such as Oracle Application Server/OC4J or a JBoss cluster) vs a single application server environment? (And/or does it depend on the specific environment software?)
What considerations are there in a situation where you need to authenticate with LDAP (AD) and store user access information in a database (ex. USER table containing username + permissions/roles info)? Any differences between Blaze DS and Granite DS?
And behind the scene what it is asking that you instantiate a class as such: new Source("blooper", new Exp(4), new Erlang(4,6); The problem lies in the fact that you don't know what class you will need to processing, and you will be sent a list of these class definitions with instructions on how they can be linked to each other. I've heard that using a BeanFactoryPostProcessor might be helpful, or a property editor/convertor. However I am at a loss as to how best to use them to solve my problem.
I am getting these error while creating bean id , Im using spring: Here is the error Error creating bean with name 'StockdataChart' defined in ServletContext resource [/WEB-INF/config/web-application-config.xml]: 1 constructor arguments specified but no matching constructor found in bean 'StockdataChart' (hint: specify index and/or type arguments for simple parameters to avoid type ambiguities)
Preferably something that integrates well with a Flex front end. Yes the Spring Security guys say this is possible, but all examples seem to use legacy jsp tag libraries making them half useless as examples.I don't want to spend a month setting up and learning how to use a security tool. I would like a tool which supports using annotations (@RolesAllowed etc), MINIMAL XML, and 'remember-me' features (not cookie based).Apache Shiro seems to support Flex/Silverlight/Swing as well but I'd like to know if there are any other alternatives that are NOT container specific.
I have a Spring MVC web application which provides RESTful web services via a controller class (annotated with @Controller) which has methods mapped to specific request types and signatures via @RequestMapping annotations.I have attempted to integrate a BlazeDS service destination into the mix by 1) adding the HttpFlexSession listener to the web.xml, 2) adding the flex:message-broker and flex:remoting-destination declarations to my Spring application context configuration file, and 3) adding a generic /WEB-INF/flex/services-config.xml.
The above BlazeDS integration steps appear to have hosed my RESTful web services, in that it appears that requests are no longer being routed to the controller methods. Is it even possible to do this, i.e, to have a single web application which 1) services HTTP requests via request mapped controller methods and 2) services remote object method calls (i.e. from a Flex client) via a BlazeDS service? If so then can anyone tell me what it may be that I'm doing wrong?
Is it possible to deploy my Spring/BlazeDS/Java application to elastic beanstalk? I'm using MyEclipse and built a Java Web Project with the required jar files etc. Do you need to specifically create an AWS Java Web Project - reason I ask is the options to include the BlazeDS files aren't there - so I'm wondering if Spring / BlazeDS is even supported? By default the turnkey blazeds runs through Port 8400 - so I imagine there are some additional tasks required to configure the endpoints to work through port 80?
Authentication is performed with Basic auth over SSL (although the password inside the basic auth is SHA-2'ed). The issue is that using basic authentication for the Flash client is causing the standard browser log-in box to appear because of "WWW-Authentication: Basic" in the header. Flash is unable to bypass this by manually setting the Authorization header prior to the request.Other clients need to be able to authenticate via the existing mechanisms, so rewriting the authentication logic would not be ideal.
I have the idea that the authorization headers sent to and received from flash client could be dynamically rewritten to use another name for Basic auth which would cause the browser not to understand the auth mechanism and not present the dialog box. Authentication headers to and from Tomcat could be rewritten from "WWW-Authenticate: Basic" to "WWW-Authenticate: PretendBasic" but ideally the built in container security could still handle the basic auth after the rewrite.
I wrote a filter to rewrite inbound headers as "WWW-Authenticate: PretendBasic" as "WWW-Authenticate: Basic" hoping the next filter chain would be auth and the request would be handled as normal. Unfortunately the Servlet specification states that a filter cannot be inserted prior to authentication. I think the only possibility of this working is to create a stackable JAAS authentication module that would first perform a header rewrite on requests if coming from the Flash client, and then pass authentication through to the existing container managed security systems.
I'm developing a web application (client in Flash Builder 4, server in Eclipse 3.6 + Tomcat 7 + Spring 3 Framework). How do I make the Flex client automatically deploy in the Tomcat server and use BlazeDS messaging and remoting more seamlessly?
Flex with add-ons such as BlazeDs to integrate with Spring. I have no experience using Flex, I just read some articles and tutorial about it, but I really would like to learn something new :-) Google Web Toolkit, maybe with something like gwt-ext. No experience, but I really like to learn. It's plenty of support out there if I need, but I think I will struggle to maintain Spring MVC and GWT in the same project, I read that it's not so easy but there are a couple of patterns to follow.
I try to start JEE, so after studying the frameworks avalaible for this architecture, i choose to use the following one: Flex, BlazeDS, Spring, Hibernate, mysql. i will work with eclipse or STS.The problem is that, after trying different project all over web tutorial, i wasn't able to create an architecture that gather all the last versions off technologies i choose.SO, can someone send me a links which refer a tutorial where it's preferable that the source code is available to download, and it gives the explanation about what is done.
I have been trying to upgrade spring-flex 1.0.3 to 1.5.2 in order to check new features, i.e. Hibernate lazy fetching support in BlazeDS 4. I downloaded all necessary packages, changed dependencies in Maven for Spring (to 3.0.7), Hibernate (to 3.6.9) and Spring flex core (to 1.5.2). When I try to build and deploy application, I got NullPointerException which indicates cause in my domain class (at the end of stack trace):
I am trying to access a .Net service which requires an authentication header. If WebService is used it works fine. But when it is accessed using HTTPService it throws error. The project is already done by somebody else using HTTPService. Now changing to webService requires some time since there needs to be modification in a lot of files.
Below is the SOAP envelop required by the service.
I've got the Spring Security preauthentication sample configured and working with JBoss. The next step is to somehow get the user information into a flex client GUI. What are some methods that will let me get the Authentication or UserDetails object that's created by spring-security on http access into the flex client? Since I'm logging in externally, I can't use channelset.login(), right? All the examples I've seen so far assume that the user logs in manually through the flex client, but the requirement is for container-based authentication. Using flex3, spring 3.0.4, spring-security-3.0.3
I'm going to be using Flex 4 with Spring and Hibernate.Everything is configured and working. I know this as I can do simple queries, like listing all values in a table.Problem is when I try to perform a 'select' query, then I get all the values, as I was getting before, and not the specific attributes through Select query.I'm a beginner, so kindly overlook my lack of more technically sound words..but I don use them as I don wanna mis-quote.This is class used to store data coming from the MySQL database--