error #2048 Security sandbox violation - cannot load data - apache-flex

I get the below error when i am trying to make a java call from flex.
[RPC Fault faultString="Send failed"
faultCode="Client.Error.MessageSend"
faultDetail="Channel.Security.Error error
Error #2048: Security sandbox violation:
'http://sample.com/sample.swf' cannot
load data from
http://sample:8080/messagebroker/amf.
url:
'http://sample:8080/messagebroker/amf'"]
When i tried running the same in my local tomcat server, this was working fine. But when hosted as a site, i am getting this error. I tried placing the crossdomain.xml file in the root directory too. But the error would never go. crossdomain file is like below.
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*" to-ports="*"/>
<cross-domain-policy/>
The logs says this
Connection to
'http://sample:8080/messagebroker/amf'
halted - not permitted from
http://sample.com/sample.swf.
has anyone faced a similar problem in hosting a flex site?

Take a look you have a different domains http://sample.com/ and http://sample:8080/.

A bit late to the game, but some other items to check.
You stated you can run off of the local instance of tomcat. I am going to assume you are invoking this service as localhost and not by IP address (and/or computer name). If you are running a flex app and you have not changed your run configurations, you are running from to localhost. Once you leave the locahost domain, ensure that you go into your run configurations (the little down arrow next to the run or debug button), and enter the local path you are running the application from using your IP address. Now you will be running IP address of application to IP address (or whatever not localhost) of service. This usually will resolve the problem.
Next, ensure your crossdomain.xml file is located at the ROOT of the server. you should be able to browse to http://yourhostname/crossdomain.xml. There should not be any pathing involved. crossdomain.xml should be at root level of hosting service.
It might also be necessary to set your local instance of workspace for Flex to a virtual directory under your web server (IIS, tomcat). In my case I can browse to 127.0.0.1/workspace/someflexapp/bin-debug/projectname.html and the flex app will run.
Been through this many times and following the above steps has always resolved the problems.
You can use a crossdomain.xml file such as below for open access to most everything that flex will request from a web/soap service.
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" to-ports="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
<allow-http-request-headers-from domain="*"/>
</cross-domain-policy>

Related

Runtime Error when accessing virtual directory on remote server IIS7

I'm having issues with a virtual directory mapped to a folder on a remote server. Basically what I want to do is to fetch an xml file located on the remote server through a request to a web server, e.g http://example.com/Archive/file.xml, where "Archive" is a virtual directory pointing to a folder on the remote server. I'm not using application/pass-through authentication.
When the virtual directory points to a local folder on the web server machine everything works fine.
I have another site running on the same server, difference being that this other site (where the virtual directory mapping to the remote server works fine) is a Web Forms site and the one I'm having trouble with is a .NET MVC site. My first idea was that there's something fishy with routes configured for the MVC site, but in that case it wouldn't work when the archive is mapped to a local folder (I suppose).
So, the question, what am I missing? It seems to be something in the IIS configuration...
Web server setup: Windows Server 2008 Standard, IIS7, Site running on .NET MVC
File server setup: Windows Server 2008 Standard
(both servers are on the same subnet and can reach each other on 192.168.0.X)
Edit: After adding a web.config to the folder on the remote server, I get this error instead. Permissions are, from what I can tell, correctly configured:
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: An error occurred loading a configuration file: Failed to start monitoring changes to '\\fileserver\c$\inetpub\wwwroot\Archive\fileDir' because access is denied.
Source Error:
[No relevant source lines]
The web.config in fileDir looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="365.00:00:00" />
</staticContent>
</system.webServer>
Looking in the Windows Event Viewer I find the following application error:
Failed to start monitoring changes to '\\fileserver\c$\inetpub\wwwroot\Archive\fileDir' because access is denied.
Just an update as I found this old question and remember how it was solved:
The problem was with our internal DNS server which has been a pain ever since it was introduced. Accessing the remote directory on its IP instead solved the problem.
Cheers!

Flex3 Error 2048 in flex application

I am getting Error "2048" while accessing one of my deployed application of flex which is deployed on apache server.
I am using database which is hosted on other server and my application is on different server.
I have added crossdomain.xml in application's directory eg. apache.../webapps/MyApplication/crossdomain.xml
I can access crossdomain.xml successfully.
Are you loading the crossdomain.xml file manually by loadPolicyFile() function ?
System.security.loadPolicyFile("http://yourdomain.com/webapps/MyApplication/crossdomain.xml");
or
try moving the crossdomain.xml file to the root of your web server as http://yourdomain.com/crossdomain.xml
Also you can use flashbug extension for firebug to see all the policy violations... its very handy.
Get Flashbug
You are on the right way.
When you required information from an application on a host, you have, for flash security purpose, to copy the crossdomain.xml file in the root web dir on the server hosting the application.
Now maybe the problem comes from your crossdomain.xml file, try this one :
<?xml version="1.0"?>
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
<allow-access-from domain="*" secure="false" />
</cross-domain-policy>

Access JAX-RS using Flex

I have a JAX-RS (Rest) web service, that only enables access through SSL.
If I try to acces it though IE feeding the according parameters, I get the correct response.
Now using Flex's HTTPService component like this:
<s:HTTPService id="httpsService"
url="https://myIp:myHTTPSPort/JAXRS/jaxrs/GetText"
resultFormat="text"
result="httpsService_resultHandler(event)"
fault="httpsService_faultHandler(event)">
<s:request>
<text>My Text</text>
</s:request>
</s:HTTPService>
The fault event is started with the "HTTP request error" faultstring.
I already added this crossdomain file to the WEB-INF folder of the web service project:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="flexApplicationIp" secure="true"/>
</cross-domain-policy>
...but as you might have guessed didn't work.
I have a self generated HTTPS certificate on the host of my web service, so I dont'k know if I need to add it on Flex somewhere.
Any ideas?
at least, crossdomain.xml should be placed in root of your war file, because it has to be accessible by flash plugin. according to specification, contents of WEB-INF is NOT directly accessible by clients.
Just added the certificate following the steps mentioned here and voilá... Got it working

adding crossdomain.xml to tomcat 6.0.24 to access webservices with Flex

I have to deploy a webapp on Tomcat 6.0.24, serving some webservices that should be accessed with REST-style methods (not fully REST, since the used flex class HTTPService can just send GET and POST).
The webservices are deployed at http://localhost:8080/-webappname-/rest/-methodname-
The problem is that the policy of flex sandbox (i think it is called so) requires that the server with the services has to offer a file crossdomain.xml on his root directory.
I created that file with the following contents:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
Now i have to find the right place to put it, since i also have an apache server running on that machine, on port 80:
in the /var/www of apache?
Accessible at http://localhost/
in the ROOT of the tomcat default
webapp? Accessible at
http://localhost:8080/
I am testing it and it does not seem to work. Maybe i am not doing it right.
PS: I think Apache is not configured to manage Tomcat-addressed requests, every request is dispatched by port, i think.
I can not provide the exact flex error since i am not developing that part. I will try to make a minimal example in the next hours and see if i can reproduce the problem.
It actually doesn't matter where you stick it (physically) as long as the URL request "http://localhost:8080/crossdomain.xml" returns the right file.

How to put a file in an ASP web root? (Cross domain problem)

I'm having issues with cross domain access from a Silverlight project to a WCF service in ASP.
This tutorial recommends making crossdomain.xml or clientaccesspolicy.xml files and putting them in the web root of the service.
I have made these files, and put them in the top level of the project in Visual Studio. I'm still having the problem. Does that mean that I have the files in the wrong place?
clientaccesspolicy.xml:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
crossdomain.xml:
<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource include-subpaths="true" path="/"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
Update: I'm currently just working on the development server. How can I make it work there?
As far as I know they have to go in the root directory of the web server ( / ) and not the root of your web project.
These files must be deployed along with the WCF service on the IIS web-server.
So the "root" is not the one of your project but the one of the web-site (in the sense of a IIS web-site).
One problem you end up with using the developement web server is that the web project holding your WCF service may well specify a virtual path. This places what appears at the root of the project in a virtual folder down from the "/" root from the clients perspective. Hence placing a clientaccesspolicy.xml file at the root of your project doesn't put the file at "/clientaccesspolicy.xml" where the silverlight client will expect it to be.
In Visual Studio open the properties window for the web project hosting you WCF services, select the Web tab, set the Virtual Path to "/". (You probably want to do that before you create the references and proxies to it in the Silverlight project).
BTW unless you intend to support client technologies other than Silverlight you do not need the crossdomain.xml file.
My files were in the right place. The problem is that the names of those two files were swapped - the SL cross domain rules were named with the Flash file name, and vice versa.

Resources