I have deployed a Java EE application on JBoss-5.1.0. To have extra security I have fronted the JBoss with Apache + enabled ssl. Tomcat talks to server using (AJP 1.3 on port 8001). So my configuration looks like:
tomcat:443 (ssl) ---|--- Jboss:8080 (IpAddress:8080) (http)
This configuation seems to work well for all static and Dynamic pages except for flex part. My problems begin when I try access anything on flex part. The AMF channels fail and I can see the following stack trace on server log:
2012-04-13 16:19:50,940 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/catissuecore].[MessageBrokerServlet]] (ajp-127.0.0.1-8009-4) Servlet.service() for servlet MessageBrokerServlet threw exception flex.messaging.security.SecurityException: Secure endpoint '/messagebroker/amfsecure' must be contacted via a secure protocol. at flex.messaging.endpoints.AbstractEndpoint.validateRequestProtocol(AbstractEndpoint.java:862) at flex.messaging.endpoints.AbstractEndpoint.service(AbstractEndpoint.java:630) at flex.messaging.endpoints.AMFEndpoint.service(AMFEndpoint.java:99) at flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:424) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436) at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:384) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:662)
I have defined following channels in remote-config.xml:
<default-channels>
<channel ref="my-amf"/>
<channel ref="my-secure-amf"/>
</default-channels>
And my services-config.xml has following configuration
<channels>
<channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel">
<endpoint uri="http://{server.name}:{server.port}/{context.root}/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
<properties>
<polling-enabled>false</polling-enabled>
</properties>
</channel-definition>
<channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
<endpoint uri="https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
<properties>
<!--HTTPS requests on some browsers do not work when pragma "no-cache" are set-->
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>
Has anyone face this issue?
Any pointer will be of great use.
