Configuration Changes to run BLAZEDS based Adobe flex application on Desktop - apache-flex

I am trying to run an adobe flex based application outside browser. Application is compiled using 'services-config.xml' file as parameter. In services-config.xml file the channels were configured as
<channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
<endpoint url="http://{server.host}:{server.port}/{context.root}/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
<polling-enabled>true</polling-enabled>
<polling-interval-millis>0</polling-interval-millis>
<wait-interval-millis>-1</wait-interval-millis>
<max-waiting-poll-requests>0</max-waiting-poll-requests>
</properties>
</channel-definition>
and so on to pick host and port dynamically.
Now I have downloaded adobe_content_debugger.exe which allows me to run .swf file outside browser. However all the requests that are made to server go to http://localhost/contextRoot/messagebroker/amf. The {server.host} is picked up as localhost and {server.port} as empty value. Hence I cannot interact with backend server. How can we overcome this problem ?
Solutions I tried...
1) https://www.adobe.com/devnet/livecycle/articles/externalize_serviceconfig.html
This post asks you programatically create AMFChannel/channelset and add it to RemoteObject.
var channel:AMFChannel = new AMFChannel("my-amf", amfEndpoint);
channelSet.addChannel(channel);
_serviceControl.channelSet = channelSet;
_serviceControl.channelSet.addChannel(channel);
where _serviceControl is the remoteObject. But even after this the request is made to http://localhost/contextRoot/messagebroker/amf. I tried multiple combinations but only in vain. Will programatically creating channelSet make settings comming from services-config file redundant ? services-config file refers other files like 'remoting-config.xml', 'proxy-config.xml', 'messaging-config.xml' which contains information on 'destinations'
Solution 2)
Change services-config.xml as
<channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
<endpoint url="http://example.com/8556/{context.root}/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
<polling-enabled>true</polling-enabled>
<polling-interval-millis>0</polling-interval-millis>
<wait-interval-millis>-1</wait-interval-millis>
<max-waiting-poll-requests>0</max-waiting-poll-requests>
</properties>
</channel-definition>
Then just map example.com to server IP in host file. This is a workaround but now the port is hard-coded and cannot be changed. Unless a proxy server is introduced.
Can someone help ?

Related

ASP.Net Web.config client endpoint name

I have a service that has references to other services with some of them being references to different environments of the same service (e.g. prod/test).
I am using the #if precompile directive to include different versions of these references with the using statement. Example:
#if Debug
using ServiceTest
#else
using ServiceProd
#endif
In the Web.config file I have two child nodes inside the <client> node. Example:
<client>
<endpoint address="http://test.domain.com/Service"
binding="basicHttpBinding" bindingConfiguration="Service"
contract="ServiceTest" name="Service" />
<endpoint address="http://prod.domain.com/Service"
binding="basicHttpBinding" bindingConfiguration="Service"
contract="ServiceProd" name="Service" />
</client>
Is the above part of the Web.config valid or not? More precisely, can there be any side-effects because of having two endpoints with the same name and binding configurations? The main concern is having a wrong endpoint called (e.g. calling prod endpoint instead of test or the other way around).
Any guidance and advice regarding the above will be really appreciated.
Is the above part of the Web.config valid or not?
Every time when you run your application CLR reads web.config file and deserialize it as an object. To deserialize XML it's uses classes declaration in "configSections" section of your config file.
So, the answer "valid or not" depends on implementation of "client" configuration section. I believe this should be part of your application or code from nuget library. This is why we can't answer you with confidence.
More precisely, can there be any side-effects because of having two endpoints with the same name and binding configurations?
Frankly, I don't understand how this should work. In what manner 3rd library should know that it needs to load first but not second client endpoint?
Possible solutions.
You can use web.config transformation. There are tons of resources about this feature of .NET Framework.
The simplest scenario would be to substitute endpoint address keeping the same endpoint name.
Another common scenario is to give different endpoint names and keep "alive" endpoint name in AppSettings. In this case your code should resolve endpoint name first and then actual endpoint address.

How can I switch an existing Azure web-role from http over to https

I have a working Azure web role which I've been using over an http endpoint. I'm now trying to switch it over to https but struggling mightily with what I thought would be a simple operation. (I'll include a few tips here for future readers to address issues I've already come across).
I have created (for now) a self-signed certificate using the powershell commands documented by Microsoft here and uploaded it to the azure portal. I'm aware that 3rd parties won't be able to consume the API while it has a self-signed certificate but my plan is to use the following for local client testing before purchasing a 'proper' certificate.
ServicePointManager.ServerCertificateValidationCallback += (o, c, ch, er) => true;
Tip: you need upload the .pfx file and then supply the password you used in the powershell script. Don't be confused by suggestion to create a .cer file which is for completely different purposes.
I then followed the flow documented for configuring azure cloud services here although many of these operations are now done directly through visual studio rather than by hand-editing files.
In the main 'cloud service' project under the role I wanted to modify:
I imported the newly created certificate. Tip: the design of the dialog used to add the thumbprint makes it very easy to incorrectly select the developer certificate that is already installed on your machine (by visual studio?). Click 'more options' to get to _your_ certificate and then check the displayed thumbprint matches that shown in the Azure portal in the certificates section.
Under 'endpoints' I added a new https endpoint. Tip: use the standard https port 443, NOT the 'default' port of 8080 otherwise you will get no response from your service at all
In the web.config of the service itself, I changed the endpoint binding for the service so that the name element matched the new endpoint.
I then published the cloud project to Azure (using Visual Studio).
At this point, I'm not seeing the results I expected. The service is still available on http but is not available on https. When I try to browse for it on https (includeExceptionDetailInFaults is set to true) I get:
HTTP error 404 "The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable"
I interpret this as meaning that the https endpoint is available but the service itself is bound to http rather than https despite my changes to web.config.
I have verified that the publish step really is uploading the new configuration by modifying some of the returned content. (Remember this is still available on http.)
I have tried removing the 'obsolete' http endpoint but this just results in a different error:
"Could not find a base address that matches scheme http for the endpoint with binding WebHttpBinding. Registered base address schemes are [https]"
I'm sure I must be missing something simple here. Can anyone suggest what it is or tips for further trouble-shooting? There are a number of stack-overflow answers that relate to websites and suggest that IIS settings need to be tweaked but I don't see how this applies to a web-role where I don't have direct control of the server.
Edit Following Gaurav's suggestion I repeated the process using a (self-signed) certificate for our own domain rather than cloudapp.net then tried to access the service via this domain. I still see the same results; i.e. the service is available via http but not https.
Edit2 Information from csdef file... is the double reference to "Endpoint1" suspicious?
<Sites>
<Site name="Web">
<Bindings>
<Binding name="Endpoint1" endpointName="HttpsEndpoint" />
<Binding name="Endpoint1" endpointName="HttpEndpoint" />
</Bindings>
</Site>
</Sites>
<Endpoints>
<InputEndpoint name="HttpsEndpoint" protocol="https" port="443" certificate="backend" />
<InputEndpoint name="HttpEndpoint" protocol="http" port="80" />
</Endpoints>
<Certificates>
<Certificate name="backend" storeLocation="LocalMachine" storeName="My" />
</Certificates>

How to force soap header authentication for my scenario?

The problem is: I need to connect to a soap web service; generated by java code; using ASP.Net client via C# through MS Visual Studio 2013.
Try 1, The usual way:
I have added a web service reference using the wsdl and by assigning the credentials like:
Credentials.Username.Username = "test";
Credentials.Password.Password = "test";
When executing, the following exception is being encountered:
The login information is missing!
Try 2:
I have searched for similar problems like:
how-to-go-from-wsdl-soap-request-envelope-in-c-sharp
Dynamic-Proxy-Creation-Using-C-Emit
c# - Client to send SOAP request and received response
I had chosen to generate a proxy class using the wsdl tool, then added the
header attribute, but I have found the following note from Microsoft:
Note: If the Web service defines the member variables representing the SOAP headers of type SoapHeader or SoapUnknownHeader instead of a class deriving from SoapHeader, a proxy class will not have any information about that SOAP header.
Try 3:
I have tried to change the service model in the client web.config:
<bindings>
<basicHttpBinding>
<binding name="CallingCardServicePortBinding">
<security mode="TransportWithMessageCredential" >
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
Then added the credentials like the first try, but the following error appears:
MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood
So, now I don't know what to do !
I have no control over the web service and I need to build a client that understands it.
Help Please!
The Soap Request template is the following:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="...">
<soapenv:Header>
<credentials>
<userName>someUserName</userName>
<password>somePassword</password>
</credentials>
</soapenv:Header>
<soapenv:Body>
<ser:someRequest>
.......
.......
.......
</ser:someRequest>
If the destination web service uses authentication, then just ASMX won't do, since it is not aware of authentication, encryption etc. You have 2 options:
Use Microsoft WSE: http://www.microsoft.com/en-us/download/details.aspx?id=14089
this is nothing but an extension of ASMX which makes it Security/Encryption aware. (and some other features) technically, you'll be adding a reference to the WSE DLL and your Soap Proxy will extend from the WSE SOAP Client instead of the System one.
once you do that, the proxy class will have additional username/password properties that you can use to authenticate properly.
set the properties and see the outgoing request using fiddler. if the header is not what you want (because of namespaces etc.), then you can write a custom outgoing message inspector and modify the soap request nicely.
The other option (preferred) is to use WCF.
ASMX and WSE are older than WCF. WCF tries to bring all the web service nuances under one roof. if you get a WCF service reference, it (svcutil.exe) will automatically create the proxy class and the right bindings for you. (mostly custom)
once you do that, try setting the user name and password.
if that doesn't work, (i have frequently struggled to generate the right soap header for remote java based services that require username/password authentication), you can define a static header chunk in the web.config/app.config, that'll be sent as part of every request.
e.g.
<client>
<endpoint>
<headers>
<credentials>
<userName>someUserName</userName>
<password>somePassword</password>
</credentials>
</headers>
</endpoint>
</client>

Making WCF service work

I'm using Visual Studio Express 2010, I've created WCF service called OperatorService.svc. Two files were added to my App_Code IOperatorService.cs and OperatorService.cs.
My web.config was updated with
<system.serviceModel>
<services>
<service name="OperatorService">
<endpoint address="https://ssl.mysite.com/WCF/OperatorService"
binding="ws2007HttpBinding"
bindingConfiguration="SecurityByTransport"
contract="IOperatorService" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="SecurityByTransport">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
Now when i'm trying to access this service online, get an error to create EndPoint but i can't figure our how to create EndPoint especially when WCF address is SSL HTTPS: enabled website.
Can someone help meh?
The endpoint address, if you are IIS hosting, should be either left empty or a relative address.
WCF services can have base addresses. A base address defines a core part of the address space that the service can listen on and endpoints are defined relative to that base address. If you leave the address empty then the endpoint listens on the base address.
When you are self hosting you can specify a base address in a couple of different ways: in the ServiceHost constructor or in the config file. However, if you are IIS hosting then the base address is already a given - it is the location of the .svc file
As far as HTTPS goes, if you say that you are using transport security then the base address will automatically map to HTTPS as long as that is enabled as a protocol in web application in IIS manager. However, if you are using the Visual Studio Web Development Server (aka Cassini) then that does not support SSL
Launch the WCF config tool (SvcConfigEditor.exe, it is a available in the menu of Visual Studio, otherwise the path should be C:\Program Files\Microsoft SDKs\Windows\v6.0\Bin) and open your config file, it is GUI tool to help you make a correct config.
The error in the config file is an incomplete endpoint element, you need to specify some attributes on the endpoint to make it work. The easiest way is to use the config tool, but of course it can be hand written. MSDN has a reference on the syntax.

Can't access database on the remote server

I am a newbie, so bear with me. I have a SQL Server database located on a remote server. In Visual Studio 2010, I was able to create an entity data model (which contained user credentials so it designed remote database schema) and a simple WCF service. In localhost, I was able to fetch and retrieve data. But, after I published the ASP.NET project, I noticed that I can't query the same database. Both the database and the application files are now on the same server.
What could be the reason as to why the local environment can query the remote server but the deployed app can't? Do I need to reconfigure the data model or something else?
Check the connectionstring placed in the web.config for the following:
userid and password> Are they filled?
data source> Does this point to the server?
Check the error messages. What message does the WCF service return?
Silverlight crossdomain access file.
Create a new textfile and name it clientaccesspolicy.xml and put it in the root of your webproject.
File content:
(This allowed all and everyone, must be tweaked off course :D)
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>

Resources