I have two services. Both of them are session scope. I called them without using my Custom Login, but anyway I can reach the service. I am very sorprised with this behavior.
[WARN] HttpFlexSession has not been registered as a listener in web.xml for this application so no events will be dispatched to FlexSessionAttributeListeners or FlexSessionBindingListeners. To correct this, register flex.messaging.HttpFlexSession as a listener in web.xml. *[DEBUG] FlexSession created with id '17d57jgu0xu01' for an Http-based client connection.* [INFO] Channel endpoint my-amf received request. [DEBUG] Deserializing AMF/HTTP request Version: 3 (Message #0 targetURI=null, responseURI=/1) (Array #0) [0] = (Typed Object #0 'flex.messaging.messages.CommandMessage') operation = 5 This is my security set up in services-config.xml <security> <security-constraint id="loginService"> <auth-method>Custom</auth-method> </security-constraint> <login-command class=".........LoginCommand" server="Jetty"/> </security> This are my destinations <destination id="gServiceImpl"> <security-constraint ref="loginService"/> <properties> <source>..........GService</source> <scope>session</scope> </properties> </destination> <destination id="iServiceImpl"> <security-constraint ref="loginService"/> <properties> <source>.....IService</source> <scope>session</scope> </properties> </destination> I called to the destination without auth and I reach them. I see from log that the flex session is actually created. I havent auth so It cannot create a Flex session!!!! Any help, would be appreciated -- Fernando Wermus. www.linkedin.com/in/fernandowermus