Once you developed and tested Flex application locally you need to move it to the secured hosting environment to share it with the world. Usually, for simplicity/performance enterprises deploy J2EE servers behind standalone SSL accelerators/load balancers/proxies. It means that client sends data via SSL channel to SSL appliance, which in turn calls your server on the intranet via unsecured HTTP to minimize the processing cost.
You can configure the channel/endpoint in services-config.xml, but it would mean separate build for deployment. Here is an alternative “runtime” approcah:
- import mx.messaging.config.ServerConfig;
- private function preinitializeApplication() : void {
- const reUrl:RegExp = /(http|https):(([^:]+)(:([^@]+))?@)?([^://]+)(:([0-9]{2,5}))?(//([/w#!:.?+=&%@!/-//]+))?/;
- const appUrl:String = Application.application.url;
- const parts:Array = reUrl.exec(appUrl);
- if (!parts)
- throw new Error(”Invalid URL: ” + appUrl);
- /*
- (”Protocol:” + parts[1]);
- (”User: ” + parts[3]);
- (”Pass: ” + parts[5]);
- (”Host: ” + parts[6]);
- (”Port: ” + parts[8]);
- (”Path: ” + parts[10]);
- */
- if (parts[1] == “https” ) {
- const channels:XMLList = ServerConfig.xml..channels.channel;
- for (var channel:String in channels) {
- if (channels[channel].@type==”mx.messaging.channels.AMFChannel”) {
- channels[channel].@type=”mx.messaging.channels.SecureAMFChannel”
- var endpoint : XML = channels[channel].endpoint[0];
- var uri:String = endpoint.@uri
- uri = uri.replace( /^http:/, “https:” );
- uri = uri.replace( //{server.port/}/, “443″ );
- endpoint.@uri = uri;
- }
- }
- }
- }
As you can see, we check if the application is deployed over https and redirect regular remoting requests to https thus modifying deployment descriptors in the runtime.