3
votes

I'm trying to configure BlazeDS to work over HTTPS. We've got Apache in the front that is set to redirect all http traffic to https. Apache then communicates with the application (a JBoss AS 5.1) via http.

I've tried a lot of configurations for BlazeDS, and finally the following solution worked for me:

services-config.xml

<services-config>
<services>
    <service-include file-path="remoting-config.xml" />
    <service-include file-path="messaging-config.xml" />
</services>

<channels>
    <channel-definition id="my-secure-amf"
        class="mx.messaging.channels.SecureAMFChannel">
        <endpoint
            url="https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure"
            class="flex.messaging.endpoints.AMFEndpoint" />
        <properties>
            <add-no-cache-headers>false</add-no-cache-headers>
        </properties>
    </channel-definition>
    </channels>
</services-config>

remoting-config.xml

<service id="remoting-service" class="flex.messaging.services.RemotingService">

<adapters>
    <adapter-definition id="java-object" class="flex.messaging.services.remoting.adapters.JavaAdapter" default="true"/>
</adapters>

<default-channels>
    <channel ref="my-secure-amf"/>
</default-channels>

<destination id="MyService" >
    <properties>
        <source>path.to.my.Service</source>
        <scope>application</scope>
    </properties>
</destination>

The thing here is that in my-secure-amf channel, I use mx.messaging.channels.SecureAMFChannel in the channel-definition, and flex.messaging.endpoints.AMFEndpoint (not flex.messaging.endpoints.SecureAMFEndpoint). This has probably something with the Apache-Jboss setup to do, but I haven't found anything that explains what the different tags actually define.

To get some sense in all of this, could someone explain what happens when defining channels and endpoint, using different urls and classes?

1

1 Answers

5
votes

It works because the Flex application it is creating a SecureAMFChannel and is using the transcoded url information (url = https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure) to connect to your Apache server. However because Apache is configured to connect to the application using HTTP you can't use a secure endpoint (the endpoint will check for "https" in front of your url scheme and it will throw an error if it's not found).

I'm using exactly the same configuration in one of my applications (I have a hardware balancer instead of an Apache server).