Webservice call throws Channel.Security.Error

Hello all,
My flex app calls webservices hosted on the same server that
hosts the .swf file of the application. Running the app in flex
builder or on the same machine works perfectly all business logic
is called using webservices. When running the application on
another system however a Channel.Security.Error is thrown when
calling the first webservice with following detail shown in IE:
[FaultEvent fault=[RPC Fault faultString="Security error accessing
url" faultCode="Channel.Security.Error" faultDetail="Destination:
DefaultHTTP"] messageId="9C03B02E-1A3F-1F2B-1277-FD674AB4D188"
type="fault" bubbles=false cancelable=true eventPhase=2]
I started out discovering a world new to me, the world of
flash security settings:
http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_update.html#policy _file
http://livedocs.adobe.com/flex/3/html/help.html?content=05B_Security_10.html
http://nederflash.nl/blog/voorbereiden-op-de-flash-player-9-april-2008-veiligheids-update
So I started out using a policy server (using the python
script that you can download in the first article link mentioned)
on the webservice server on port 843 that serves following file:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "
http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*"
headers="SOAPAction"/>
<allow-access-from domain="*"/>
</cross-domain-policy>
But apparently the flex app on the other machine never makes
a request to this policy server. In the end I also added an
crossdomain.xml file with the same contents by an apache http
server in the root directory. All this without success...and this
problem is driving me bananas.
We are using the latest version of the flash player: "You
have version 9,0,124,0 installed"
Since we have to put a version of this application into
production at the end of this week all help, suggestions and
remarks are really appreciated.
kind regards,
Geert Van Landeghem

Hi Rita,
I think I had a similar problem. Flex requires that the server on which the flex application is (swf file) must be the same as the one where the the wsdl is called from. In other words if the URL of your wsdl is "machine_name.sap.com", you must call the flex application from "machine_name.sap.com".
There are ways to circumvent this security check flex does apparently, but I was never able to make them work.
Regards,
Philon

Similar Messages

Deployment Error Channel.Security.Error

All,
I'm receiving the below error when trying to deploy my FLEX 2
page. Everything works fine when I run the page from within the
Flex Builder, but as soon as I move the files to within my Virtual
Directory and try to access the page through a web Broswer, it
fails. I'm using a Wrapper created by the Flex Builder, and even
created a crossdomain.xml file to access the WebServices. One thing
to note, the WebServices are on a different machine than what I'm
running the Flex page from.
quote:
[[RPC Fault faultString="Security error accessing url"
faultCode="Channel.Security.Error" faultDetail="Unable to load
WSDL. If currently online, please verify the URI and/or format of
the WSDL (
http://onyx/WebService1/Service1.asmx?wsdl)"
at mx.rpc.soap::WSDLParser/::dispatchFault()
at mx.rpc.soap::WSDLParser/
http://www.adobe.com/2006/flex/mx/internal::httpFaultHandler()
at
flash.events::EventDispatcher/flash.events:EventDispatcher::dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at mx.rpc::AbstractInvoker/
http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()
at mx.rpc::AbstractInvoker/
http://www.adobe.com/2006/flex/mx/internal::faultHandler()
at mx.rpc::Responder/fault()
at mx.rpc::AsyncRequest/fault()
at ::DirectHTTPMessageResponder/securityErrorHandler()
at
flash.events::EventDispatcher/flash.events:EventDispatcher::dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at
flash.net::URLLoader/flash.net:URLLoader::redirectEvent()]
Any thoughts on what could be causing this? I'm not using a
proxy, and I'm just trying to get a pretty basic page to work. Any
input would be appreciated.
Thanks,
-Ned kost

If the domain of the Flex2 app is different then the domain
of the WebService app you can get this error. You'll need a
crossdomain.xml file on the WebService domain's root folder giving
your Flex2 app permission to make the call.

Publishing my flex application in external server (Channel.Security.Error error Error #2048)

when i publish my flex application in an external server i get that error if my flash builder beta 2 is closed in my system , i did configure an endpoint to the dataservice to point to the external server and if i run my flash builder and any body browser the site it open and they can access the data from my application but if i close my flash builder we have this error all of us
Send failed
Channel.Security.Error error Error #2048: Security sandbox violation:
http://www.dcecrak.com/Maine.swf cannot load data from
http://localhost:37813/flex2gateway/?hostport=www.dcecrak.com&https=N&id=-1. url:
'http://www.dcecrak.com/flex2gateway/'
i created a crossdomain.xml file and put it in the web root , if i try to open the link http://www.dcecrak.com/flex2gateway it open with blank page this means that every thing is oky , my service-config file looks like that :
<?xml version="1.0" encoding="UTF-8"?>
<services-config>
    <services>
        <service-include file-path="remoting-config.xml" />
        <service-include file-path="proxy-config.xml" />
        <service-include file-path="messaging-config.xml" />
    </services>
    <security>
        <login-command class="flex.messaging.security.JRunLoginCommand" server="JRun"/>
        
        
    </security>
    <channels>
        
<channel-definition id="dcecrak" class="mx.messaging.channels.AMFChannel">
            <endpoint uri="http://www.dcecrak.com/flex2gateway/" class="coldfusion.flash.messaging.CFAMFEndPoint"/>
            <properties>
                  <add-no-cache-headers>false</add-no-cache-headers>
                        <polling-interval-seconds>8</polling-interval-seconds>
                        <serialization>
                              <enable-small-messages>false</enable-small-messages>
                        </serialization>
                        <coldfusion>
                            
                              <access>
                                    
                                    <use-mappings>true</use-mappings>
                                    
                                    <method-access-level>remote</method-access-level>
                              </access>
                              
                              <use-accessors>true</use-accessors>
                              
                              <use-structs>false</use-structs>
                    <property-case>
                        
                        <force-cfc-lowercase>false</force-cfc-lowercase>
                        
                        <force-query-lowercase>false</force-query-lowercase>
                        
                        <force-struct-lowercase>false</force-struct-lowercase>
                    </property-case>
                        </coldfusion>
            </properties>
        </channel-definition>
        <channel-definition id="cf-polling-amf" class="mx.messaging.channels.AMFChannel">
            <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/cfamfpolling" class="coldfusion.flash.messaging.CFAMFEndPoint"/>
            <properties>
                <polling-enabled>true</polling-enabled>
                <polling-interval-seconds>8</polling-interval-seconds>
                        <serialization>
                              <enable-small-messages>false</enable-small-messages>
                        </serialization>
                        <coldfusion>
                            
                              <access>
                                    
                                    <use-mappings>true</use-mappings>
                                    
                                    <method-access-level>remote</method-access-level>
                              </access>
                              
                              <use-accessors>true</use-accessors>
                              
                              <use-structs>false</use-structs>
                    <property-case>
                        
                        <force-cfc-lowercase>false</force-cfc-lowercase>
                        
                        <force-query-lowercase>false</force-query-lowercase>
                        
                        <force-struct-lowercase>false</force-struct-lowercase>
                    </property-case>
                        </coldfusion>
            </properties>
        </channel-definition>
        <channel-definition id="my-cfamf-secure" class="mx.messaging.channels.SecureAMFChannel">
            <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/cfamfsecure" class="coldfusion.flash.messaging.SecureCFAMFEndPoint"/>
            <properties>
                <polling-enabled>false</polling-enabled>
                        <add-no-cache-headers>false</add-no-cache-headers>
                        <serialization>
                              <enable-small-messages>false</enable-small-messages>
                        </serialization>
                        <coldfusion>
                            
                              <access>
                                    
                                    <use-mappings>true</use-mappings>
                                    
                                    <method-access-level>remote</method-access-level>
                              </access>
                              
                              <use-accessors>true</use-accessors>
                              
                              <use-structs>false</use-structs>
                              <property-case>
                        
                        <force-cfc-lowercase>false</force-cfc-lowercase>
                        
                        <force-query-lowercase>false</force-query-lowercase>
                        
                        <force-struct-lowercase>false</force-struct-lowercase>
                    </property-case>
                        </coldfusion>
            </properties>
        </channel-definition>
        
        <channel-definition id="java-amf" class="mx.messaging.channels.AMFChannel">
            <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
        </channel-definition>
        <channel-definition id="java-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
            <endpoint uri="https://{server.name}:{server.port}{context.root}/flex2gateway/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
        </channel-definition>
        <channel-definition id="java-polling-amf" class="mx.messaging.channels.AMFChannel">
            <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/amfpolling" class="flex.messaging.endpoints.AMFEndpoint"/>
            <properties>
                <polling-enabled>true</polling-enabled>
                <polling-interval-seconds>8</polling-interval-seconds>
            </properties>
        </channel-definition>
        
    </channels>
    <logging>
        <target class="flex.messaging.log.ConsoleTarget" level="Error">
            <properties>
                <prefix>[BlazeDS] </prefix>
                <includeDate>false</includeDate>
                <includeTime>false</includeTime>
                <includeLevel>false</includeLevel>
                <includeCategory>false</includeCategory>
            </properties>
            <filters>
                <pattern>Endpoint.*</pattern>
                <pattern>Service.*</pattern>
                <pattern>Configuration</pattern>
                <pattern>Message.*</pattern>
            </filters>
        </target>
    </logging>
    <system>
        <manageable>false</manageable>
        
    </system>
</services-config>
and my crossdomain.xml looks like that :
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="localhost" to-ports="*" secure="false"/>
<allow-access-from domain="*" to-ports="*" secure="false"/>
<allow-http-request-headers-from domain="*"/>
</cross-domain-policy>
really its strange only the site works if my flash builder is running , please help

Thanks all for your attention, i have solved my problem and i think its a bug in the flash builder , the problem was that when you compile the application and you enabling Network Monitoring , the communication of the AMF channels done throw the http://localhost:37813/flex2gateway/
and that was the problem if you close the flash builder on your system that getaway dose not exist and on the hosted server there is no such address localhost by this port also so the client application witch is catch in you system try to access your localhost and that cause a security error and the address is also not exist .
so the solution or we have to compile the project after we disable the Network Monitoring in flash builder .

How to get rid of Channel.Security.Error when developing locally?

okay here's the rundown, I'm trying to use an HTTPService
that's on https://mydomain.com, when I hit the run button in flex
builder I get a Channel.Security.Error because
file:///User/.../main.html is not the same domain as mydomain.com,
so in order to run it I'm hitting the run button, then sftping the
swf to mydomain.com/~myname/ and then I don't get the error. The
big issue with this is I can't figure out how to attach the
debugger when I do this.
So the question is, is there a way I can either disable the
url security settings when the flash file is being run from file://
or do something to make it so I can debug just by hitting the
button instead of having to jump through all these copying
hoops?

so I need to put a file on the root of the domain with the
service on it?:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "
http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="localhost" />
</cross-domain-policy>
If I can't get it on the root of the server, is there another
way without running a webserver on my local box?

Webservice call ends in Verify error during after decoding ( after update to Flex builder 3 /Flex builder 2.01 hotfix 3)

Hi all,
I like to ask if someone has ever get or heard from this
error (or may help me to discuss how would be the best way to fix
it). Also please note that the error didn´t occure when I used
Flexbuilder 2.01 Hotfix 2 and the Flashplayer 9.0.47.
The error just occured in myapp when I make a webservice call
which response message includes a array of parameters.
There is one workaround in the WSDL definition of the
parameters, cause the WSDL contains at this place a <choice>
tag, which is just partial supported by FLEX. The workaround for
this is to use an own wsdl for the flex client where the including
tags use attributes for minOccurs="0" maxOccurs="1" .
The console window from FB3 shows (beneath some hundred stack
entries) the following error:
VerifyError: Error #1068: iwp.myapp.searchform.MySearchForm
and iwp.myapp.searchform.MySearchForm cannot be reconciled.
at
iwp.myapp.searchform::MySearchForm/getSearchFormResultHandler()
at flash.events::EventDispatcher/dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at mx.rpc::AbstractOperation/
http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()[E:\dev\flex\sdk\frameworks\ projects\rpc\src\mx\rpc\AbstractOperation.as:196
at mx.rpc::AbstractInvoker/
http://www.adobe.com/2006/flex/mx/internal::resultHandler()[E:\dev\flex\sdk\frameworks\pro jects\rpc\src\mx\rpc\AbstractInvoker.as:198
at
mx.rpc::Responder/result()[E:\dev\flex\sdk\frameworks\projects\rpc\src\mx\rpc\Responder.a s:48]
at
mx.rpc::AsyncRequest/acknowledge()[E:\dev\flex\sdk\frameworks\projects\rpc\src\mx\rpc\Asy ncRequest.as:81]
at
DirectHTTPMessageResponder/completeHandler()[E:\dev\flex\sdk\frameworks\projects\rpc\src\ mx\messaging\channels\DirectHTTPChannel.as:387]
at flash.events::EventDispatcher/dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at flash.net::URLLoader/onComplete()
I really appreciated if somone could help me with this or has
an idea how I can go on.
( one Question Is there a way to get the "open source"
sourcecode before FB3 is released?)
best regards
kcell

Hi all,
today I found the reason for the crash, whcih occure when my
app called the webservice function in the new flashplayer 9.0.115).
The reason was that in the ResultHandler-function of the
webservice call there were nested "switch" conditions used and in
two of the "case" branches a "break;" missed. So the problem could
easily be fixed, but I just want to inform people if the got a
similar problem they should try to start the problem with "empty"
Result/Fault Handler functions.
( the old version (9.0.47) seems to be more robust against a
missing "break;" , but for sure have other leaks and of course
features)
so kepp on flexing ;)
best regards,
kcell

Update muse and made changes to home page now getting this error message... error calling selector function: Security error:Failed to read the content document html Iframe element

Made changes on my home page and it looks great in the preview in browser, but when i upload to my server I get the attached error message. PLEASE HELP!!!

It's common for opening a locally exported website that contains Social widgets or other third party code to generate security errors because it will be loaded in the browser using file:// protocol. When a site is previewed from Muse (in Muse or in browser) or uploaded to a hosting provider it's served using http:// (or https://) protocol and the security errors don't occur.
The third party code that comes with using the Social widgets or any other widgets that rely on third party code and/or services is frequently not designed to work over file:// protocol.

BI Publisher Webservice calls throws XDOIOException followed by an Error

Hi,
We have developed a custom Java Web Service which acts as an layer between a .Net application and BI Publisher Web services.
The .Net application submits an XML to custom Java Web Service. The custom Java Web Service then passes the xml to BI Publisher web service (runReport web method) along with the authentication details.
The BI Publisher runReport method processes the record and returns a byte stream which is passed back to .Net application.
1 record = produces 8 pages of PDF
1 Batch = 100 records (processed at a given time) returns 1 pdf containing 100 records
After processing about 25000 records, we are getting the following exceptions:
2010-10-11 00:38:59 BIWebServiceProxy [ERROR] runReport Exception while scheduling report :
javax.xml.ws.soap.SOAPFaultException: oracle.xdo.webservice.exception.OperationFailedException: PublicReportService::generateReport failed: due to oracle.xdo.XDOIOException: java.io.IOException: java.lang.reflect.InvocationTargetException
     at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:197)
     at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:130)
     at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:125)
     at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
     at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
     at $Proxy465.runReport(Unknown Source)
     at sun.reflect.GeneratedMethodAccessor307.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
     at $Proxy183.runReport(Unknown Source)
     at biwebserviceproxy.BIWebServiceProxy.runReport(BIWebServiceProxy.java:198)
     at sun.reflect.GeneratedMethodAccessor305.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:92)
     at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:74)
     at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:151)
     at com.sun.xml.ws.server.sei.EndpointMethodHandlerImpl.invoke(EndpointMethodHandlerImpl.java:265)
     at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:100)
     at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
     at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
     at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
     at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
     at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:373)
     at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:524)
     at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:255)
     at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140)
     at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:208)
     at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:310)
     at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:223)
     at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:124)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
     at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:79)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
     at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
     at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
2010-10-11 00:38:59 BIWebServiceProxy [ERROR] runReport Exception while scheduling report :
javax.xml.ws.soap.SOAPFaultException: oracle.xdo.webservice.exception.OperationFailedException: PublicReportService::generateReport failed: due to oracle.xdo.XDOIOException: java.io.IOException: java.lang.reflect.InvocationTargetException
     at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:197)
     at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:130)
     at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:125)
     at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
     at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
     at $Proxy466.runReport(Unknown Source)
     at sun.reflect.GeneratedMethodAccessor307.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
     at $Proxy183.runReport(Unknown Source)
     at biwebserviceproxy.BIWebServiceProxy.runReport(BIWebServiceProxy.java:198)
     at sun.reflect.GeneratedMethodAccessor305.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:92)
     at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:74)
     at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:151)
     at com.sun.xml.ws.server.sei.EndpointMethodHandlerImpl.invoke(EndpointMethodHandlerImpl.java:265)
     at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:100)
     at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
     at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
     at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
     at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
     at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:373)
     at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:524)
     at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:255)
     at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140)
     at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:208)
     at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:310)
     at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:223)
     at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:124)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
     at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:79)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
     at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
     at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
2010-10-11 02:07:09 BIWebServiceProxy [ERROR] runReport Exception while scheduling report :
*javax.xml.ws.soap.SOAPFaultException: oracle.xdo.webservice.exception.OperationFailedException: PublicReportService::generateReport failed: due to oracle.xdo.XDOException: java.lang.OutOfMemoryError: allocLargeObjectOrArray: [B, size 2097680*
     at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:197)
     at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:130)
     at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:125)
     at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
     at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
     at $Proxy573.runReport(Unknown Source)
     at sun.reflect.GeneratedMethodAccessor307.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
     at $Proxy183.runReport(Unknown Source)
     at biwebserviceproxy.BIWebServiceProxy.runReport(BIWebServiceProxy.java:198)
     at sun.reflect.GeneratedMethodAccessor305.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:92)
     at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:74)
     at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:151)
     at com.sun.xml.ws.server.sei.EndpointMethodHandlerImpl.invoke(EndpointMethodHandlerImpl.java:265)
     at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:100)
     at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
     at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
     at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
     at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
     at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:373)
     at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:524)
     at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:255)
     at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140)
     at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:208)
     at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:310)
     at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:223)
     at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:124)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
     at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:79)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
     at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
     at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
It is noticed that after logging XDOIOException two times, it throws OutOfMemory error. Currently after every 25000 records, we are restarting the Oracle Weblogic / BI Publisher 11g just to meet our SLAs of PDF generation.
Has anyone of you guys have faced similar errors / have any kind of clues on XDOIOException ?
Thanks and Regards,
Manish Sachdev
Edited by: user9286015 on Oct 12, 2010 4:01 AM

Awaiting some pointers / help on this. Please help !!!
Regards,
Manish

Security Error when trying to access web service

I have an app that connects over HTTPS to a web service on
our internal network. The interface to the web service was created
by using the WSDL Import function of the Flex IDE.
I can run the app and retrieve data without a problem when I
run from the debug-bin folder that the Flex IDE compiles to.
However, I cannot connect to the web service from anywhere else,
such as a different location on my own local drives, a network
drive, or another persons machine.
I've setup a local instance of Apache with mod_ssl so I could
host the app under an HTTPS connection itself, which the
documentation seemed to imply that would work. However, when I run
the app, I get:
[FaultEvent fault=[RPC Fault faultString="Security error
accessing url" faultCode="Channel.Security.Error"
faultDetail="Destination: DefaultHTTPS"] messageId=null
type="fault" bubbles=true cancelable=true eventPhase=2]
I am accessing the app by going to
https://mymachine.companydomain.com/myapp.html, and the web service
is being accessed through https://webservice.companydomain.com/.
Anybody have any thoughts on what I should be looking at?
I've been searching and trying things for a few days with no luck.
Any help would be appreciated. Thanks.

The SSL handshake works differently to a browser as it is making the connections automatically.
The browser asks every time if you want to trust an expired certificate, and it also recommends not to. Its impractical to manually check every service call to say do you trust the certificate so the functionality doesn't exist. I doubt any integration product does this. Therefore there isn't a option to ignore the certificate if it has expired.
This makes sence as the certificate is untrustworthy. The whole idea around SSL is trusting the site you are communicating with, all parties need to be trusted. This stops hackers from replicating their site and intercepting data.
If the administrator of the remote site is not willing to renew the certificate, are they really interested in SSL. I suggest they expose a non SSL service.
cheers
James

"Security error accessing url" - Accessing HTTP service running on another machine

Flex app is hosted as web service and is trying t access data
from HTTP Service
running on different machine. It throws following error
[RPC Fault faultString="Security error accessing url"
faultCode="Channel.Security.Error" faultDetail="Destination:
DefaultHTTP"]
at
mx.rpc::AbstractInvoker/
http://www.adobe.com/2006/flex/mx/internal::faultHandler
at mx.rpc::Responder/fault()
at mx.rpc::AsyncRequest/fault()
at ::DirectHTTPMessageResponder/securityErrorHandler()
at
flash.events::EventDispatcher/flash.events:EventDispatcher::dispatchEventFunctio
n()
at flash.events::EventDispatcher/dispatchEvent()
But when I run the HTTP Services (data provider) on same
machine application
works fine.
Already used crossdomain.xml

Sorted the cross domain problem by using mx:Webservice rather
than an httpservice.

Security error accessing ur unable to load wsdl

HI
I am using a webservice(.net webservice) that is on my
localhost and using it in flex application that is also on my
system. Means both the webservice and flex application are on the
same system.
But when i gives the reference of the webservice using the
system ip and run the application by the flex builder it generates
the error as:
mx.messaging.messages::ErrorMessage)#0
body = (Object)#1
clientId = "DirectHTTPChannel0"
correlationId = "24CD6542-F141-1A05-BA35-00A108CB30A0"
destination = ""
extendedData = (null)
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
headers = (Object)#2
messageId = "CC123DF0-0E6C-05FF-7894-00A109676283"
rootCause = (flash.events::SecurityErrorEvent)#3
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#4
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#4
text = "Error #2170: Security sandbox violation:
http://localhost:3000/MYCIMS/flex_bin/Design.swf
cannot send HTTP headers to
http://myip/MyServer/AdminWS.asmx."
type = "securityError"
timestamp = 0
timeToLive = 0
I have put crossdomain.xml file in the root of the localhost
and made every changes possible in the crossdomain.xml file but the
application is not running.
Please somebody provide an effective solution, I have spend
lots of time to resolve the problem but its not being....
Thanks in advance
Gopi Saini

Have you seen this blog
"Crossdomain.xml" in ABAP Web AS Server cache

Security Error when creating a web service with Flex

Hello comminuty.
I'm using Flex to create a standalone application and I have to use web services to retrieve data from SAP.
I used the bapi bapi_flight_getlist to create an associated WS that works fine (tested with the Eclipse's WS Explorer).
In Flex Builder, I use the following code to create my web service:
     <mx:WebService
          showBusyCursor="true"
          id="service"
          wsdl="{wsdl}"
          result="resultCreateWSHandler(event);"
          fault="faultCreateWSHandler(event);">
            <mx:operation name="FlightGetList"
                 result="resultWSHandler(event)"
                 fault="faultWSHandler(event)"></mx:operation>
        </mx:WebService>
And this is the error I'm getting:
(mx.messaging.messages::ErrorMessage)#0
body = (null)
clientId = "DirectHTTPChannel0"
correlationId = "E578ED8C-EF29-44E7-8D57-57B4DB6EB613"
destination = ""
extendedData = (null)
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
headers = (Object)#1
    DSStatusCode = 0
messageId = "6E7AC45E-418D-90CD-96AD-57B52DB1DAF4"
rootCause = (flash.events::SecurityErrorEvent)#2
    bubbles = false
    cancelable = false
    currentTarget = (flash.net::URLLoader)#3
      bytesLoaded = 0
      bytesTotal = 0
      data = (null)
      dataFormat = "text"
    eventPhase = 2
    target = (flash.net::URLLoader)#3
    text = "Error #2048: Violation de la sécurité Sandbox : http://localhost:8300/ztest2/bin-debug/ztest2.swf ne peut pas charger de données à partir de http://XXXX:8006/sap/bc/srt/wsdl/bndg_DEB8A28C2E19EEF19C080050568D135B/wsdl11/allinone/ws_policy/document?sap-client=800."
    type = "securityError"
timestamp = 0
timeToLive = 0
Translation: "Error #2048: Sandbox security violation: http:....swf cannot load data from http:...client=800"
Would any of you have an idea about what is causing this error??
Thanks for any help you can provide.
Regards,
C.

Hi Cristina
Did your flex application worked. i am also having same problm. cant access the BAPI from standalone flex application.
Jay

Urgent requirement : security error accessing url and http error: standalone flex

Hi,
I have a requirement to create record from standalone flex. I am using Flex builder 3.
I used Flex-force toolkit to login to salesforce. The swf file generated when used internal to salesforce it works great.
But my requirement is to run it from public sites page / standalone pages. How will I configure it? I am getting error 'security error accessing url', default HTTP
The requirement is on priority, please help me to resolve this issue.
The login code is also furnished below. please help.
Full error details:
(com.salesforce.events::ApexFaultEvent)#0
bubbles = false
cancelable = true
context = (null)
currentTarget = (null)
eventPhase = 2
fault = (mx.rpc::Fault)#1
    content = (null)
    errorID = 0
    faultCode = "Channel.Security.Error"
    faultDetail = "Destination: DefaultHTTP"
    faultString = "Security error accessing url"
    message = "faultCode:Channel.Security.Error faultString:'Security error accessing url' faultDetail:'Destination: DefaultHTTP'"
    name = "Error"
    rootCause = (flash.events::SecurityErrorEvent)#2
      bubbles = false
      cancelable = false
      currentTarget = (flash.net::URLLoader)#3
        bytesLoaded = 0
        bytesTotal = 0
        data = (null)
        dataFormat = "text"
      eventPhase = 2
      target = (flash.net::URLLoader)#3
      text = "Error #2170: Security sandbox violation: file:///C|/Users/R/DOCUME%7E1/FLEXBU%7E1/TESTLO%7E1/BIN%2DRE%7E1/TESTLO%7E1.SWF cannot send HTTP headers to https://login.salesforce.com/services/Soap/u/14.0?1000.1153011256829."
      type = "securityError"
headers = (null)
message = (mx.messaging.messages::ErrorMessage)#4
    body = (null)
    clientId = "DirectHTTPChannel0"
    correlationId = "B8A1B02E-CE17-DCBA-4894-F2E4CBEB7C04"
    destination = ""
    extendedData = (null)
    faultCode = "Channel.Security.Error"
    faultDetail = "Destination: DefaultHTTP"
    faultString = "Security error accessing url"
    headers = (Object)#5
      DSStatusCode = 0
    messageId = "41F6A90D-ECAE-EA2D-7C84-F2E4DABD72F3"
    rootCause = (flash.events::SecurityErrorEvent)#2
    timestamp = 0
    timeToLive = 0
messageId = "41F6A90D-ECAE-EA2D-7C84-F2E4DABD72F3"
statusCode = 0
target = (null)
token = (mx.rpc::AsyncToken)#6
    message = (mx.messaging.messages::HTTPRequestMessage)#7
      body = "<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urn:partner.soap.sforce.com"/><se:Body><login xmlns="urn:partner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><username>uname</username><password>pwdandsec token</password></login></se:Body></se:Envelope>"
      clientId = (null)
      contentType = "text/xml; charset=UTF-8"
      destination = "DefaultHTTP"
      headers = (Object)#8
        DSEndpoint = "direct_http_channel"
      httpHeaders = (Object)#9
        Accept = "text/xml"
        SOAPAction = """"
        X-Salesforce-No-500-SC = "true"
      messageId = "B8A1B02E-CE17-DCBA-4894-F2E4CBEB7C04"
      method = "POST"
      recordHeaders = false
      timestamp = 0
      timeToLive = 0
      url = "https://login.salesforce.com/services/Soap/u/14.0?1000.1153011256829"
    responders = (Array)#10
      [0] (::SalesForceResponder)#11
    result = (null)
type = "fault"
Login code:
[Bindable] public var sfdc:Connection = new Connection();
private function login():void {
Security.loadPolicyFile("http://salesforce.com/services/crossdomain.xml");
var lr:LoginRequest = new LoginRequest();
lr.username = "uname";
lr.password = "pwdtoken";
sfdc.protocol = "https";
sfdc.serverUrl = "https://login.salesforce.com/services/Soap/u/14.0";
lr.callback = new AsyncResponder(loginSuccess, loginFault);
sfdc.login(lr);

This is resolved.
I have copied the crossdomain.xml file to tomcat Root folder
and the issue is resolved.

Flex security error message

Ok, so when I pass in a user:pass with the url, it works
inside Eclipse, HOWEVER when I export my project and run it from
it's exported location (on my local box and the server), I get the
following error:
faultCode:Channel.Security.Error faultString:'Security error
accessing url' faultDetail:'Destination: DefaultHTTP'
What does this mean?

The flash player enforces a variety of security rules. Most
if not all of these
are turned off when running from eclipse. One of the rules is
you are not allowed to access a url from a different domain then
your flex application swf file was
served from.
So you flex app comes from
http://myserver:8080/MyWeb/myFlex.html
but you are trying to access
http://otherServer:9000/something.xml
So you have two choices:
Put a crossdomain.xml file in the root of otherServer or
write a proxy
for myServer that forwards your requests.
Look in the doc for the crossdomain.xml format. It's a bit
vague as to the location. They just say the ROOT of the webServer.
In tomcat that is in webapps/ROOT other web servers may be
different. To test
if your crossdomain policy file is in the correct spot you
should be able to see the file by entering
http://otherServer:9000/crossdomain.xml

"Security error accessing url" only in Internet Explorer

I'm running Flex 4 with Flash 11.1.102.55. Here is my crossdomain.xml.
<cross-domain-policy>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="SOAPAction"/>
</cross-domain-policy>
Chrome and Firefox are fine loading the web services. However, all versions of IE (7, 8 and 9) return this error:
[RPC Fault faultString="Security error accessing url" faultCode="Channel.Security.Error" faultDetail="Unable to load WSDL. If currently online, please verify the URI and/or format of the WSDL (http://api.example.com/Service/Service.asmx?WSDL)"]

I just downloaded IE 10 (I was running IE9) and the error message doesn't pop up. Go figure. Though the Audio player is positioned differently in every browser.

*Security Error Issue while accessing youtube search method.

Hello All,
I am creating a flex aplication which has youtube videos search control. it works fine on local , but when I am trying to access this from any server its getting security error "[RPC Fault faultString="Security error accessing url" faultCode="Channel.Security.Error" faultDetail="Destination: DefaultHTTP"] " while accessing the search method url using httpservice. Can any one help me.
Thanks.

You may need to add the -use-network=true compiler argument. When in Flex Builder this does not matter as much:
From Flex Builder main menubar, Project - Properties - Flex Compiler - Additional compiler arguments: -use-network=true
If this post answers your question or helps, please mark it as such.

Webservice call throws Channel.Security.Error

Similar Messages

Maybe you are looking for