It also appears BlazeDS doesn't agree with the Flex documentation... Channelset says the RO is authenticated if one of the channels in the set is.
I set up two ROs, and two Channelsets each with the same two Channels but in a different order (secure first in one, non-secure in the other), then authenticated using the secure. When trying to use the non-secured one, I get the following RPC Fault faultString="An Authentication object was not found in the SecurityContext" faultCode="Client.Authentication" faultDetail="null"] So the Channelset isn't authenticated, only one of the channels is. Confusing!
