You can mix them. What you need to do is make 2 ROs -- one tied to the secure service and one tied to the normal service.
<mx:RemoteObject id="RONormal" destination="ColdFusion" source="xxx" showBusyCursor="true"> <mx:RemoteObject id="ROSecure" destination="SecureColdFusion" source="xxx" showBusyCursor="true"> You can also build the the RO up in actionscript but I find it easier to use a "standard" services-config.xml file. In our environment I can't change the file so it's easier to use a common one on all our installs and customize things like endpoints if needed in the individual application actionscript. services-config.xml <?xml version="1.0" encoding="UTF-8"?> <services-config> <services> <service id="coldfusion-flashremoting-service" class="flex.messaging.services.RemotingService" messageTypes="flex.messaging.messages.RemotingMessage"> <adapters> <adapter-definition id="cf-object" class="coldfusion.flash.messaging.ColdFusionAdapter" default="true"/> </adapters> <destination id="ColdFusion"> <channels> <channel ref="my-cfamf"/> </channels> <properties> <source>*</source> <!-- define the resolution rules and access level of the cfc being invoked --> <access> <!-- Use the ColdFusion mappings to find CFCs, by default only CFC files under your webroot can be found. --> <use-mappings>true</use-mappings> <!-- allow "public and remote" or just "remote" methods to be invoked --> <method-access-level>remote</method-access-level> </access> <property-case> <!-- cfc property names --> <force-cfc-lowercase>false</force-cfc-lowercase> <!-- Query column names --> <force-query-lowercase>false</force-query-lowercase> <!-- struct keys --> <force-struct-lowercase>false</force-struct-lowercase> </property-case> </properties> </destination> <destination id="SecureColdFusion"> <channels> <channel ref="my-secureamf"/> </channels> <properties> <source>*</source> <!-- define the resolution rules and access level of the cfc being invoked --> <access> <!-- Use the ColdFusion mappings to find CFCs, by default only CFC files under your webroot can be found. --> <use-mappings>true</use-mappings> <!-- allow "public and remote" or just "remote" methods to be invoked --> <method-access-level>remote</method-access-level> </access> <property-case> <!-- cfc property names --> <force-cfc-lowercase>false</force-cfc-lowercase> <!-- Query column names --> <force-query-lowercase>false</force-query-lowercase> <!-- struct keys --> <force-struct-lowercase>false</force-struct-lowercase> </property-case> </properties> </destination> </service> </services> <channels> <channel-definition id="my-cfamf" class="mx.messaging.channels.AMFChannel"> <endpoint uri="http://{server.name}:{server.port}/flex2gateway/amf" class="flex.messaging.endpoints.AMFEndpoint"/> <properties> <add-no-cache-headers>false</add-no-cache-headers> <polling-enabled>false</polling-enabled> <serialization> <instantiate-types>false</instantiate-types> </serialization> </properties> </channel-definition> <channel-definition id="my-secureamf" class="mx.messaging.channels.SecureAMFChannel"> <endpoint uri="https://{server.name}:{server.port}/flex2gateway/secureamf" class="flex.messaging.endpoints.SecureAMFEndpoint"/> <properties> <add-no-cache-headers>false</add-no-cache-headers> <polling-enabled>false</polling-enabled> <serialization> <instantiate-types>false</instantiate-types> </serialization> </properties> </channel-definition> </channels> <logging> <target class="flex.messaging.log.ConsoleTarget" level="Error"> <properties> <prefix>[Flex] </prefix> <includeDate>false</includeDate> <includeTime>false</includeTime> <includeLevel>false</includeLevel> <includeCategory>false</includeCategory> </properties> <filters> <pattern>Endpoint.*</pattern> <pattern>Service.*</pattern> <pattern>Configuration</pattern> <pattern>Message.*</pattern> </filters> </target> </logging> <system> </system> </services-config> ----- Original Message ----- From: Laurence MacNeill To: flexcoders@yahoogroups.com Sent: Thursday, February 11, 2010 10:17 PM Subject: Re: [flexcoders] A security question... At 08:40 PM 2/11/2010, you wrote: You can and (i think) should do both. In my world of flex 3, I have created a secure destination (and channel) in the Flex services-config.xml file and use this for my remote object connection. I can post it if you like. Warren Koch Do you use it for all your RO connections? Because I don't really want to use SSL for every connection -- just the few that I need encrypted... Is there a way to "turn on" encryption just for one or two ROs, and leave the rest insecure? I'm concerned about speed and bandwidth -- secure connections are slower and take up more bandwidth. I don't want to bog the server down with thousands of SSL ROs when I only need a few... But yeah, I'd definitely like to see what you've created there -- please post it at your earliest convenience. Thanks, Laurence MacNeill Mableton, Georgia, USA