Archive for February, 2010

LCDS with SSL Termination with Load Balancer fails

If using SSL with a Load Balancer it’s possible you will run into problems trying to reach the LCDS server. The reason for this is caused by the endpoint URL that LCDS is expecting.

This diagram shows a Client Browser request to an HTTPS Load Balancer with SSL Terminiation. Notice that the request is sent from the Load Balancer to the application server with HTTP data.

lb_example.png

Within LCDS most endpoints are servlets within waiting for a request. The messagebroker/amfsecure endpoint is defined within the services-config.xml file for LCDS under the WEB-INF/flex/ directory.

<channel-definition id=”my-amf-secure” class=”mx.messaging.channels.SecureAMFChannel“>
<endpoint url=”https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure” class=”flex.messaging.endpoints.SecureAMFEndpoint “/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>

lb_step1.png

Notice in the configuration above we want to send a request from the Client to the Load Balancer as SSL. To do this the SWF uses a channel-definition for SSL. The following class will be used by the SWF to create the channel within ActionScript class=”mx.messaging.channels.SecureAMFChannel“. This will send the request to the Load Balancer where it will terminate the SSL and decrypt it.

The next step in this process is to pass the data from the Load Balancer to the Application server as in the diagram below.

lb_step2.png

On the server we need to modify the endpoint so it will not use a class that tries to decrypt the data. In this case we will use the endpoint class that specifies AMFEndpoint.

<channel-definition id=”my-amf-secure” class=”mx.messaging.channels.SecureAMFChannel“>
<endpoint url=”https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure” class=”flex.messaging.endpoints.AMFEndpoint “/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>

With this modification the request is received on the server at the endpoint https://{server.name}:{server.port}{context.root}/messagebroker/amfsecure/ it will use the flex.messaging.endpoints.AMFEndpoint to process the request. This endpoint will not decrypt the data and will pass back the request to the Load Balancer.

Share on Facebook

Adobe AIR 2 Beta 1 apps will not work with AIR 2 beta 2 runtime

Adobe AIR 2 Beta 1 apps will not work with AIR 2 beta 2 runtime

NOTE: Applications built against Adobe AIR 2 beta 1 will not run using the AIR 2 beta 2 runtime. In order for an AIR 2 beta 1 application to run on the AIR 2 beta 2 runtime, the namespace of the beta 1 application descriptor file must first be updated to “2.0beta2″ and compiled against the AIR 2 beta 2 SDK. .

Download the runtime here .

Share on Facebook