We have, as Carson mentioned, definately seen issues where the j_session_id is not properly propogated through the proxy. I would want to see, as Matt alludes to, do the credentials get propogated when we take the proxy out of the picture. I would create a simple JSP page which itself returns the UserPrincipal. Call that JSP from within your Flex app and read the value.
-- Dave Wolf Cynergy Systems, Inc. Macromedia Flex Alliance Partner http://www.cynergysystems.com Email: [EMAIL PROTECTED] Office: 866-CYNERGY --- In flexcoders@yahoogroups.com, "Matt Chotin" <[EMAIL PROTECTED]> wrote: > > You sure that JAAS successfully stores the Principal back in the user > request? If you did something similar via JSP would everything come > through correctly? I haven't played with JBoss but WebSphere for > example failed to store the authenticated principal in the request even > when I went through JAAS to login my user in. You traced to see that > your login module is called? > > > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of Jim Schneider > Sent: Tuesday, February 14, 2006 2:12 PM > To: flexcoders@yahoogroups.com > Subject: FW: [flexcoders] setUsernamePassword and J2EE login (bounce) > > > > No one has any thoughts/ideas on this? > > > > ------------------------------------------------- > > Jim Schneider > > KJ Interactive, Inc. > > 1-877-370-6906 > > 1-612-605-5399 > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of Jim Schneider > Sent: Saturday, February 04, 2006 12:01 PM > To: flexcoders@yahoogroups.com > Subject: RE: [flexcoders] setUsernamePassword and J2EE login > > > > I finally got back to looking at this. I Instrumented my code to look at > flashgateway.Gateway.getHttpRequest().getRemotePrincipal() and > getRemoteUser(). RemoteUser is empty and remote principal is null. I > see the userid/password credentials in the amf trace from the client > (setting UsernamePassword on the service), but nothing in the service. > > > > I'm using remote objects. Remote object is a spring bean. > > > > I've implemented a JAAS login module that appears to be functioning > correctly (loginContext succeeds). > > > > Using JBoss 4.0.x. > > > > Any thoughts? > > > > Thanks, > > > > Jim > > > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of Carson Hager > Sent: Saturday, January 21, 2006 10:22 PM > To: flexcoders@yahoogroups.com > Subject: RE: [flexcoders] setUsernamePassword and J2EE login > > > > If you use standard J2EE auth to the container, you can get the remote > user provided you are not using the proxy. There is currently an issue > with the proxy not forwarding the cookie in most ( all that we've seen ) > circumstances. We have received a fix from Adobe on this that we are in > the process of testing. > > > > This being said, if you don't use the proxy, you'll be able to acccess > the user without issue from within your service implementations. Here's > the kicker. The AS2 VM doesn't not handle HTTP status code 500. It > stops parsing the HTTP response when it sees a 500 which means that you > will never be able to get at any data that occurs due to a SOAP Fault. > Per the web services spec, the container is required to return an HTTP > 500 status code when returning a fault. Effectively, you can't handle > SOAP faults when you don't use the proxy and you get that meaningless > error message that looks like it simply couldn't connect to the service. > This issue is "handled" by the proxy. It changes that HTTP status code > to 200 so that the flash player can parse the request. This is a kludge > if you ask me but that's where we are today. As a note, this is being > addressed in FP8.5 but the fix will very likely not ( according to Adobe > ) be fixed in earlier versions due to backward compatibility. > > > > > > Carson > > ____________________________________________ > > Carson Hager > Cynergy Systems, Inc. > http://www.cynergysystems.com <http://www.cynergysystems.com/> > > Email: [EMAIL PROTECTED] > Office: 866-CYNERGY > Mobile: 1.703.489.6466 > > > > > > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of Matt Chotin > Sent: Saturday, January 21, 2006 7:37 PM > To: flexcoders@yahoogroups.com > Subject: RE: [flexcoders] setUsernamePassword and J2EE login > > I think you should be able to get it from the > flashgateway.Gateway.getHttpRequest().getRemotePrincipal() or > getRemoteUser(). > > > > ________________________________ > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On > Behalf Of Jim Schneider > Sent: Wednesday, January 18, 2006 8:32 AM > To: flexcoders@yahoogroups.com > Subject: [flexcoders] setUsernamePassword and J2EE login > > > > After calling setUsernamePassword on a service, is this information > "available" to the backend services (remote object or web service)? Or > perhaps after a J2EE/JAAS login? If so, how/where? > > > > We have a requirement to do a lot of logging of who's doing what in the > system and was wondering whether there are any alternatives to passing a > username/id with most/all APIs. > > > Thanks for any help. > > > > Jim > > > > > > > > -- > Flexcoders Mailing List > FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > Search Archives: > http://www.mail-archive.com/flexcoders%40yahoogroups.com > > > > > SPONSORED LINKS > > Web site design development > <http://groups.yahoo.com/gads?t=ms&k=Web+site+design+development&w1=Web+ > site+design+development&w2=Computer+software+development&w3=Software+des > ign+and+development&w4=Macromedia+flex&w5=Software+development+best+prac > tice&c=5&s=166&.sig=L-4QTvxB_quFDtMyhrQaHQ> > > Computer software development > <http://groups.yahoo.com/gads?t=ms&k=Computer+software+development&w1=We > b+site+design+development&w2=Computer+software+development&w3=Software+d > esign+and+development&w4=Macromedia+flex&w5=Software+development+best+pr > actice&c=5&s=166&.sig=lvQjSRfQDfWudJSe1lLjHw> > > Software design and development > <http://groups.yahoo.com/gads?t=ms&k=Software+design+and+development&w1= > Web+site+design+development&w2=Computer+software+development&w3=Software > +design+and+development&w4=Macromedia+flex&w5=Software+development+best+ > practice&c=5&s=166&.sig=1pMBCdo3DsJbuU9AEmO1oQ> > > Macromedia flex > <http://groups.yahoo.com/gads?t=ms&k=Macromedia+flex&w1=Web+site+design+ > development&w2=Computer+software+development&w3=Software+design+and+deve > lopment&w4=Macromedia+flex&w5=Software+development+best+practice&c=5&s=1 > 66&.sig=OO6nPIrz7_EpZI36cYzBjw> > > Software development best practice > <http://groups.yahoo.com/gads?t=ms&k=Software+development+best+practice&; > w1=Web+site+design+development&w2=Computer+software+development&w3=Softw > are+design+and+development&w4=Macromedia+flex&w5=Software+development+be > st+practice&c=5&s=166&.sig=f89quyyulIDsnABLD6IXIw> > > > > > > ________________________________ > > YAHOO! GROUPS LINKS > > > > * Visit your group "flexcoders > <http://groups.yahoo.com/group/flexcoders> " on the web. > > * To unsubscribe from this group, send an email to: > [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of > Service <http://docs.yahoo.com/info/terms/> . > > > > ________________________________ > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
