Securing BlazeDS (https)

I wanted to set up a flex/BlazeDS app to ONLY use https and not http at all!

Key lies in setting up the channels in two places:

1) In services-config.xml, comment out the normal my-amf channel and leave the my-secure-amf only

<!–

<channel-definition id=”my-amf”>
<endpoint url=”http://{server.name}:{server.port}/{context.root}/messagebroker/amf”/>
</channel-definition>
–>
<channel-definition id=”my-secure-amf”>
<endpoint url=”https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure”/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>

2) Secondly comment out the same details in the remoting-config.xml file

<default-channels>
<channel ref=”my-secure-amf”/>
<!–          <channel ref=”my-amf”/> –>
</default-channels>

That’s it. Deploy and check. the first screen on http may appear, but nothing thereafter will work unless you use https://

September 29, 2009
Categories: BlazeDS, Tomcat . . Author: deshartman

3 Comments

  1. Comment by Savannah on October 17, 2009 11:49

    Awesome blog!

    I thought about starting my own blog too but I’m just too lazy so, I guess Ill just have to keep checking yours out.
    LOL,

    Reply
  2. Comment by abhishek on August 16, 2012 16:38

    its not working only work on http://localhost:8400/xyz.html

    Reply
  3. Comment by Chad Fraser on September 26, 2012 02:35

    what needs to be done on the flex side? for some reason i cant seem to get it to work when i am using the secure channel.

    Reply

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.