Configuring socket policy for flex apps(with blocked port 843)?

We have built several flex-based ecommerce apps for a fortune 500 customer of ours, that for various reasons, we need to use sockets to a different domain and requires a socket policy file, but were having trouble configuring our flex apps for deployment in thier enviornment where they are blocking virtually everything except port 80 . The current documentation in in regards to socket policy files and crossdomain files in a non-standard configuration not using port 843 is not providing any useful help to us.
Here is the scenario:
Flex apps are served from domain www.a.com in  to users browsers via http. The apps then make socket connections to domain www.b.com:80 where there are php scripts serving json data to the flex apps via port 80 using http(we use sockets because we need to set and read back http headers). The problem is the flex apps cannot make socket connections to the www.b.com domain without errors like below(unless we setup a socket policy server on port 843 of www.b.com, in which case everything works):
Warning: Timeout on xmlsocket://www.b.com:80 (at 3 seconds) while waiting for socket policy file.  This should not cause any problems, but see http://www.adobe.com/go/strict_policy_files for an explanation.
Error: Request for resource at xmlsocket://www.b.com:80 by requestor from http://www.a.com/bin-debug/DownloadManagerFlex.swf is denied due to lack of policy file permissions.
Error: Request for resource at xmlsocket://www.b.com:80 by requestor from http://www.a.com.us/bin-debug/DownloadManagerFlex.swf is denied due to lack of policy file permissions.
Since we cannot use port  843 for the socket policy file server, we setup the socket policy server on a different ip in the same domain: spf.b.com:80 (using the sample perl code Adobe provides), and per the docs(cited below), use Security.loadPolicyFile("xmlsocket://spf.b.com:80") before we invoke "socket.connect", to supposedly tell the flash player to check there for the socket policy file. The problem, as you can see from the error log, is that the  loadPolicyFile("xmlsocket://spf.b.com:80") is ignored.
No matter what we do or how we set things up, we cannot get the flash player to recognize the loadPolicyFile(), it always wants to go to the port were making the socket connection on. It is unclear how to properly configure the flex app, socket policy file and crossdomain file for the above scenario. The docs allude to being able to serve  the socket policy file from a different port 80 in the same domain as the socket connection were trying to make, but were having no luck with that.
->Can anyone shed some light on how to make this work or what are we  missing/doing wrong? Also, if we can get this to work, are we  stuck with a 3 second delay because this(very large) customer is blocking port 843?
As an aside,  the documentation for all this is a bit scattered, unclear and contrdictory:
One document says:(http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_07.html)
"This warning usually means one of two things: first, that you need to set up a
            socket policy file server on port 843, which is the first location that Flash
            Player checks by default; or second, that you need to provide more explicit
            guidance to Flash Player from ActionScript by calling loadPolicyFile to indicate the location
            of a socket policy file. When you call loadPolicyFile rather than allowing Flash Player to check
            locations by default, Flash Player will wait as long as necessary for a
            response from a socket policy file server, rather than timing out after 3
            seconds."
Another document says(http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html):
"If an ActionScript Security.loadPolicyFile() command exists within               the SWF file, then the Flash Player runtime checks that location. Flash Player checks               the destination of the loadPolicyFile() only after it has checked the               master policy file on port 843 for permission to acknowledge other policy               files. If the developer has not specified a loadPolicyFile() command,               then Flash Player checks the destination port of the connection."

I found the reason why the Flex application was ignoring the socket policy (crossdomain.XML). I have a policy server that listens to port 843 and submits the policy to the Flex client. My policy was getting ignored by the Flex application and I was getting the sandbox security error you were getting. The solution to this problem isto write a null byte right after the policy server sends the policy. I'm using Apache Mina that is wrtten is Java and the null byte is written as follows:
public void sessionCreated (IoSession session)
        throws Exception
        session.write(_policy);  -- > policy string
        session.write("\u0000"); --> null byte
         //session.close(true); ---> No need to close the session because it is closed by the Flex client after it receives the null byte.
Now my Flex application can read and accept the policy from port 843 and I'm not getting more security violations.
Thanks for your reply,
Alberto

Similar Messages

  • Configuring group policy for user profiles in Windows Server 2012 R2 Domain

    Requesting some experts advise on configuring group policy for user profiles.
    We will be building new Windows Server 2012 R2 Domain Controllers (Domain of 400 users).
    The settings which I am concerned:
    1. Folder Redirection: Desktop, Documents, Favorites.
    2. Quota for Folder Redirection - 1 GB per user.
    3. Map a networked drive - 1 GB per user.
    4. Roaming profile - (Will ignore if it does not suit our requirement). 
    The question is how outlook profile will be retained / automatically moved if the users move from once computer to other?
    FYI, E-mails hosted on MS Office365 and OST file size of few users more than 25GB. So, in case the user moves from one computer to other, the entire mailbox will be downloaded via internet. This consumes high bandwidth if more than 3-4 users shift per day.
    Thanks a lot for your valuable time and efforts.

    Hi,
    >>The question is how outlook profile will be retained / automatically moved if the users move from once computer to other?
    This depends on where our outlook data files are stored. If these data files are stored under
    drive:\Users\<username>\AppData\Local, then these files can’t be redirected, for folder redirection can’t redirect appdata local or locallow.
    However, regarding your question, we can refer to the following thread to find the solution.
    Roam outlook profiles without roaming profiles
    http://social.technet.microsoft.com/Forums/office/en-US/3908b8e0-8f44-4a34-8eb5-5a024df3463e/roam-outlook-profiles-without-roaming-profiles
    In addition, regarding how to configure folder redirection, the following article can be referred to for more information.
    Configuring Folder Redirection
    http://technet.microsoft.com/library/cc786749.aspx
    Hope it helps.
    Best regards,
    Frank Shen

  • How to configure Fault policy for the Mediator??

    Hi All,
    I failed to configure fault policy for the mediator on FMW 11g. Below are my configurations.
    1. I created simple ESB project: Consume message(using JMS adapter) from AQ topic: Q1 and produce to another AQ topic: Q2. In order to test the fault policy, The project will thorw an exception when produce to the AQ topic Q2 (Q2 didnt exist).
    2. Created fault-policies.xml and fault-bindings.xml files in the Composite project directory.
    But it didnt work, I didnt find any retry action in the log file. Is this the correct way to configure the fault policy? your suggestions are welcome. thanks.
    fault-policies.xml
    ======================================================
    <?xml version="1.0" encoding="UTF-8"?>
    <faultPolicies>
    <faultPolicy version="2.0.1" id="CRM_ServiceFaults">
    <Conditions>
    <faultName xmlns:medns="http://schemas.oracle.com/mediator/faults"
    name="medns:mediatorFault">
    <condition>
    <test>contains($fault.mediatorErrorCode, "TYPE_FATAL_MESH")</test>
    <action ref="ora-retry"/>
    </condition>
    </faultName>
    </Conditions>
    <Actions>
    <Action id="ora-retry">
    <retry>
    <retryCount>3</retryCount>
    <retryInterval>40</retryInterval>
    <exponentialBackoff/>
    <retryFailureAction ref="ora-terminate"/>
    <retrySuccessAction ref="ora-terminate"/>
    </retry>
    </Action>
    <Action id="ora-terminate">
    <abort/>
    </Action>
    </Actions>
    </faultPolicy>
    </faultPolicies>
    fault-bindings.xml
    ==========================================================
    <?xml version="1.0" encoding="UTF-8"?>
    <faultPolicyBindings version="2.0.1"
    xmlns="http://schemas.oracle.com/bpel/faultpolicy"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <composite faultPolicy="CRM_ServiceFaults"/>
    </faultPolicyBindings>
    Thanks Mingzhuang

    http://download.oracle.com/docs/cd/E12839_01/integration.1111/e10224/bp_faults.htm#SOASE9906

  • Existing Flex App With Air

    I have been working on a large Flex App using CFM as the db
    access layer. Essentially I understand that AIR will allow my RIA
    which is currently solely used in a browser run off line as a
    desktop app. However, my question is what's involved in modifying
    this application to push 'new' data added while off line back to
    the db when a connection becomes available.
    Some guidance on this subject would be great, or is this
    something which should require no modification?

    AIR doesn't give you any synchronization mechanisms. It's
    entirely up to you how you manage offline operation.
    What AIR actually does is provide an out-of-browser runtime
    environment for Flex apps, plus some additional APIs that Flex
    couldn't give you due to its browser-based nature. Among them are
    access to a local database, plus more generalized local filesystem
    access. Between these two things, you can store local changes while
    offline, then work out some way to push them to the server at a
    later time.
    You might make your first step into the AIR world just a
    simple port of the existing application to run under the AIR
    framework. This won't give you any new offline capability, but it
    will let the app run as a desktop app, outside a browser. This may
    make more sense for your type of application. Then once you get
    that going, you can worry about synchronization.

  • Configuring mail account in Mail App with restriction account on

    Hi there,
    How is possible to create an account in Mail App with the restriction Accounts enable?
    I explain myself. I configure all the iPads of my business with the restrictions enabled and select "Don´t Allow Changes" on the Accounts tab.
    Settings > General > Restrictions> ( Enter Passcode ) >Enable Restrictions> Accounts > Don´t Allow Changes
    It suppouses to prevent any change or create an account on Mail App, but I´ve found a couple of iPads with a Yahoo and GMail account configured in the Mail App while the restrictions still enabled.
    Of course, users doesn´t know the Passcode and any of the general setting where modified.
    Is there any other way ( via web perhaps, no high tech at all ) to configure an account in a restricted iPad?
    I´m using iPad 2 ( iOS 5.0.1 )
    I can´t figure out how, and it´s driving me crazy.
    Thanks in advance.

    Thanks gyrhead for the answer.
    I do have Installing and Deleting Apps turned on so users can´t install or delete anything.
    Guessing a four digits passcode in 10 attemps is very dificult, I discard that option.
    There is somehow to add a Yahoo o Gmail account with account Restictions Enable.
    Safari has no restriction indeed, except "private brownsing", so it might come from that way, but I can´t figured out how you might configure a Gmail o Yahoo account straight to the Mail App using just Safari...

  • I have created a Flex App with out a Server now I need one

    So I'm new to Flex and didn't think the project needed a
    server at first (poor planning on my part) now I'll need one. I
    have alot built and would like to just conevert the app if I can.
    The project has been sourced in to Subversion, I would like not to
    have to rebuild the repository.
    Thanks for the help

    OK, so I think what you're saying is that you have developed
    locally, which is good, and are using java objects as your back end
    solution - I'll just state that Java is the *only* method of data
    transfer that I haven't used (I use ColdFusion, XML, WEb Services
    mostly), so at some stage I may not be able to help you.
    Still, lets see how far we get. So, you can deploy your SWF
    file to any web server, and browse to it with your browser. The
    output in the /bin directory will include the SWF (usually the name
    of the project) and a html wrapper file.
    Is the Flex app actually rendering (i.e., your containers)
    before you get the error? (I'm trying to determine if the problem
    is the data transfer or the flex app proper)??
    David

  • Enabling Browser Back Button for FLEX App

    Can anyone suggest me a way to implement Browser Back Button work with Flex App which runs in every browser and works perfect bug free ???

    thanx for the reply but unfortunately its not running in IE6 ... any idea why ?

  • Can I use the Chrome for iOS app with Chromecast?

    I recently purchased a Chromecast for my home television to see how it stacks up to the Apple TV3 (which I also have). I see very clearly that Netflix and YouTube are well integrated for use with this dongle but I do not see that Chrome for iOS is (on iPhone or iPad). It seems counterintuitive to not have the Chrome iOS app work with Chromecast even though other iOS apps do (Netflix;Youtube). Can anyone confirm or deny whether or not we can, or in the near future be able to, use the iOS Chrome app with Chromecast? It is in this very department that AppleTV has the Chromecast beaten, among others.
    Also, Google Groups seems difficult to navigate in order to post my question there. If anyone has any insight for that as well I would greatly appreciate it.
    Thank you!

    Google has made an App specifically to control the ChromeCast from an iOS device rather than integrating the control into the Browser.
    https://itunes.apple.com/us/app/chromecast/id680819774?mt=8

  • Flex App with remoting works on local Apache server - fails on production server

    Hi Everyone,
    I have a Flex app that uses Data Services. The application works correctly on my local Mac Server and Apache. When uploaded to my production CentOS server, the Data Services fail. When the app is done loading, the following error message comes up:
    Class "ModelsService" does not exist: Plugin by name 'ModelsService' was not found in the registry; used paths:
    : /www/html/mdubb//PHP2/bin-debug/services/
    #0 /var/www/html/mdubb/ZendFramework/library/Zend/Amf/Server.php(550): Zend_Amf_Server->_dispatch('getAllModels', Array, 'ModelsService')
    #1 /var/www/html/mdubb/ZendFramework/library/Zend/Amf/Server.php(626): Zend_Amf_Server->_handle(Object(Zend_Amf_Request_Http))
    #2 /var/www/html/mdubb/PHP2/bin-debug/gateway.php(73): Zend_Amf_Server->handle()
    #3 {main}
    Where getAllModels is a method of my custom ModelsService.
    I changed the Zend path in the amf_config.ini file so it references the correct directory. If I browse to gateway.php, it prompts to download the file, which I think is correct.
    I added in the config file the path to the services folder.
    I tried adding $server->addClass("ModelServices") in gateway.php, but it didn't like that.
    The file structure on the production server is the same as the local server (I litterally uploaded everything in my local web root), so I can't think of what would be differenet between the two.
    I have already pulled one all nighter trying to get this to run. Do you know what I should troubleshoot next?
    Thanks in advance,
    Ryan

    Hi,
    With reference to Lumira 1.15, the minimal SP we support is BI 4.0 SP6. Please upgrade at least to this. Everything is detailed in the PAM https://websmp107.sap-ag.de/~sapidb/011000358700001095842012E
    Best regards,
    Antoine

  • What are the better load/performance testing tools available for Flex Application with BlazeDS RO?

    In my application is designed with Flex3, ActionScript3, BlazeDS Remote Objects.
    Just i tried with OPENSTA but i cant do the dynamic parameterization in their generated scripts because the response of the calls is binary values and also we cant get the response using with SCL language.
    While testing with OPENSTA with HttpService, i can do the dynamic parameterization and got the response.
    can give the information about the below questions
    whether we can do dynamic parameterization with OPENSTA for Flex Remote objects?
    and  what are the better load/performance tools available for Flex Remote Objects?

    Your approach is fine, depending on how many and what type of CFCs you are talking about. If they are "singletons" - that is, only one instance of each CFC is needed to be in memory and can be reused/shared from multiple parts of your application - caching them in the application scope is common.  Just make sure they are thread safe ("var" or local.* all your method variables).
    You might consider taking advantage of a dependency injection framework, such as DI/1 (part of the FW/1 MVC framework), ColdSpring, or WireBox (a module of the ColdBox platform that can be used independently).  They have mechanisms for handling and caching singletons.  Then you wouldn't have to go to the application scope to get your CFC instances.
    -Carl V.

  • Flash Alternative for developing app with lots of 2D Animation

    First let me say, I know Flash does not run on iPad. And I'm not looking for an alternative to Flash Video.
    I want to create an app for the iPad, with a lot of full screen, 24 frames-per-second animation. Basically an interactive Animated Movie, like the game Dragon's Lair, from days of yore.
    I know how to do this in Flash, using the timeline and drawing and animation tools, and using Actionscript to track user clicks and trigger events in the movie.
    Are there any alternative tools I can use for iPad app development, that will allow me to:
    -- Draw directly in the tool
    -- Do frame by frame animation in the tool
    -- Uses a timeline
    -- Uses vector images to keep the file size down
    -- Has a scripting language that will allow me to track the user clicking on invisible buttons and trigger new animations?
    I've looked at all of Apple's Developer tools for the iPhone and iPad, but they all seem to use Bitmapped Sprites which would make the file size way too big, and animation a nightmare.
    Thanks in advance for any help on this.
    Message was edited by: shackleram

    shackleram wrote:
    First let me say, I know Flash does not run on iPad. And I'm not looking for an alternative to Flash Video.
    I want to create an app for the iPad, with a lot of full screen, 24 frames-per-second animation. Basically an interactive Animated Movie, like the game Dragon's Lair, from days of yore.
    I know how to do this in Flash, using the timeline and drawing and animation tools, and using Actionscript to track click and trigger events in the movie.
    Are there any alternative tools I can use for iPad app development, that will allow me to:
    -- Draw directly in the tool
    -- Do frame by frame animation in the tool
    -- Uses a timeline
    -- Uses vector images to keep the file size down
    -- Has a scripting language that will allow me to track the user clicking on invisible buttons and trigger new animations?
    I've looked at all of Apples Developer tools for the iPhone and iPad, but they all seem to use Bitmapped Sprites which would make the file size way too big, and animation a nightmare.
    Thanks in advance for any help on this.
    Well, there are several 3D game developers for the iOS operating system including EA Sports and id Software's Doom Engine. And in the Apple Software Development Kit for iOS, there are numerous API's for game development. I think you should google game development for the iOS (ipad and iphone), and see what they've got.

  • Looking for AIR app with the following features

    This list of functionalities is so common I thought I'd check to see if anyone knows an opensource or even commericial app with the following features.
    Access User's File System
    Drag & Drop Upload
    Does anyone know of an AIR project that already exists?
    I could write this myself but I'd rather not reinvent the wheel with a 2 week deadline.
    Thanks

    Hi A-Mo,
    I'm very sorry that your husband's PowerShot SD1100 IS was stolen!
    The SD camera line has been replaced by the PowerShot ELPH lineup. These cameras are improved in a number of important ways, such as better zoom lenses, and sensitivity to light for existing light photography.
    I recommend that you consider the PowerShot ELPH 310 HS. This camera has an 8x optical zoom lens (vs. 3x for the PowerShot SD1100 IS), has a higher ISO of 3200 (vs. 1600) for low light photography and shoots video in "full" high definition (1920 x 1080 resolution) (vs. 640 x 480).
    Please note: none of the cameras in this group of cameras includes the optical viewfinder you had on the PowerShot SD1100 IS,
    I hope this is helpful.
    Did this answer your question? Please click the Accept as Solution button so that others may find the answer as well.

  • HTTP request logger/simulator for flex app

    I have a server that provides input xml data to a flex app in a browser be displayed on the screen for editing over http. Can someone suggest a way to cache and simulate this server's response? I need the flex app in the browser to work even when the server is down (for testing and UI dev). Any tools or ideas that I may be able to use?
    Thx

    just point your HTTPService tag to any local xml file having static data snapshot using url attribute
    If you feel this message answers your question or helps, please mark it respectively

  • HT3702 Where can I find refund policy for an App Store purchase?

    Where can I find how to get a refund for a purchase?
    My most recent purchase for an App was $50, and since there is disagreement as to why it doesn't work (TomTom GPS app or Apple iOS), I would like to get my money back.
    Yes. I've search the forums and tried the suggestions of giving the TT app solitary use of the Location Services, resetting my iTouch 4G and my New iPad Retina each, and still no GPS connection, whether I try using an AT&amp;T MiFi or tethering to my wife's iPad mini with Verizon cellular showing LTE as a HotSpot.
    Or do I just intact my VISA card issuer to deny the purchase?
    Thank you in advance for replying!

    Log into your on-line MyVerizon account and click Documents & Receipts on the left-hand side of the page.

  • Audio is not playing first time in Flex app with 11.2 Flash player.

    Hi,
    I am playing an audio fle as flv in a flex application with flash player 11.2  but it is not playing first time and it is playing afetr pause/play and page refresh. Loacally it is playing fine. Please help and guide me.
    thanks in Advance
    Rangrajan.

    Taha,
    Not sure that I understand your workflow there. For editing, the 48KHz 16-bit is the "standard." The 32KHz is not.
    Now, what is the Sample-Rate of your original material?
    What is the CODEC used in that muxed (multiplexed, i.e. combined Audio & Video) file?
    Did you allow Conforming complete 100%? This ARTICLE will give you some background.
    Do you see the Waveform Display for that Clip? Alt+click on the Audio portion of the Clip, and then Dbl-click on it to get it into the Source Monitor. Do you see the Waveform Display there?
    Have you added any Keyframes, or Effects to that Audio? Toggle the Keyframe Display in the Track Header, to see if there are any Clip, or Track Keyframes there.
    Have you accidentally Muted that Track? Look at the Visibility (eyeball) icon in the Track Header. Then, look in Audio Mixer to see if that Track is Muted.
    Good luck,
    Hunt

Maybe you are looking for