Announcement Announcement Module
Collapse
No announcement yet.
secured Remote method calls using AMFConnection Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • secured Remote method calls using AMFConnection

    Hi,

    For my spring Blazeds project, to do some testing, I am using flex.messaging.io.amf.client.AMFConnection class.

    I am able to connect and call remote methods.
    But I am not sure how to invoke remote method if my channel is made secured. I am using spring Security.

    Can any one please tell how to get an authentication object or session id and send it back while i make the remote calls.


    I get the below error when my channel is secured, which explains the reason for failure.

    Code:
    message: flex.messaging.MessageException: Unable to create a new instance of type 'org.springframework.security.AuthenticationCredentialsNotFoundException'. Types cannot be instantiated without a public, no arguments constructor.
    	code: AMFConnection.Call.Failed

    Thanks

  • #2
    [2] Anybody?

    I have the same problem.

    Anybody?

    Thanks

    Comment


    • #3
      I've never tried using AMFConnection. Can you provide a more specific example of what doesn't work?

      Comment


      • #4
        Something like that.

        final String URL = "http://127.0.0.1/project-web/messagebroker/amf";
        AMFConnection connection = new AMFConnection();
        try {
        connection.connect(URL);
        User user = getUserFromSomewhere();
        connection.call("userService.createUser", user);
        } catch (Exception e) {
        e.printStackTrace();
        throw e;
        } finally {
        connection.close();
        }
        Once UserService gets secured i canīt reach it anymore.

        I need to somehow create a session, so the java code can pass it along.

        TKS>

        Comment


        • #5
          After examining the AMFConnection class a little bit, it just doesn't look like it was intended to handle this sort of workflow. You might be able to get it to simulate a ChannelSet.login() call by sending a message in the right format, but I'm not exactly certain what that message looks like from the client side.

          It might be easier to extend the class and use the established HttpURLConnection to simulate a form-based login (assuming you've got Spring Security's form-login processing enabled). The key would be to make sure the session id from the login gets re-used in all of the proceeding AMF calls, which might require playing around with the headers a bit.

          Comment

          Working...
          X