You need to sign in to do that
Don't have an account?
jchanowitz
Flex toolkit and cross domain issues
Hi,
I'm trying to use the flex toolkit. I can run the salesforce.mxml app with no problems locally, but receive security sandbox errors when running from a server. I can see the apex login call is finding a cross-domain.xml file, but i still receive the violation.
The domain the toolkit requests data from is: .../services/Soap/u/9.0
but the file is at .../services/Soap/u/cross-domain.xml.
Does anyone know if it's location is an issue, or is there something else I'm doing wrong?
Thanks. It sure seems like a great tool if I can deploy it.
Jay
Anyone experienced this who found a solution?
Thanks,
Mike
Seattle
errorID = 0
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
message = "faultCode:Channel.Security.Error faultString:'Security error accessing url' faultDetail:'Destination: DefaultHTTP'"
name = "Error"
rootCause = (flash.events::SecurityErrorEvent)#1
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#2
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#2
text = "Error #2048: Security sandbox violation: http://localhost/IntuitPortal/salesforce.swf cannot load data from http://www.salesforce.com/services/Soap/u/9.0."
type = "securityError"
I'm just trying to do the toolkit's version of "Hello World" from my workstation's IIS localhost instance. It doesn't look like there's any https in the transaction. Here's the debugEvent's debugString from my logon request:
App Domain = null
Api Server name = www.salesforce.com
_internalServerUrl set to http://www.salesforce.com/services/Soap/u/9.0
loading the policy file: http://www.salesforce.com/services/Soap/u/cross-domain.xml
sandbox = remote
transport.url = http://www.salesforce.com/services/Soap/u/9.0
It's wierd. It seems to show the policy file was successfully loaded, but I still get the above sandbox error. Maybe just sticking a little proxy server between the flex client and SalesForce, instead of using the toolkit's library, is a better way to go. It just seems like such a fast and effective way to deploy simple CRUD apps over the Internet.
that is blocking the login from succeding
if you have a session id and a server url you should be able to use the API, but until there is a policy file for www you cannot use login()
local file works because the "local " sandbox is trusted
running from an scontrol works because the domain is the same
it's only running from a non-salesforce server that you would see this.
here is the login code, probably should be using https by default:
Code:
Message Edited by Ron Hess on 06-06-2007 02:49 PM
Is it currently possible to login using credentials from a flex application running on a webserver external to salesforce.com? If so, how?
thanks!
mitch
http://www.salesforce.com/services/crossdomain.xml, so you need to change the loginWIthCredentials function to load the policy file:
if (this.serverUrl == null)
{
this.serverUrl = "http://www.salesforce.com/services/Soap/u/9.0";
var policyUrl:String = "http://www.salesforce.com/services/crossdomain.xml";
Util.debug(this, "loading the policy file: " + policyUrl);
Security.loadPolicyFile(policyUrl);
Util.debug(this, "www sandbox = " + Security.sandboxType);
}
That gets you logged in (assuming you're using http, which I'm doing off of localhost; if using https then change accordingly)
Then to actually do anything - if using http - I needed to load the policy file to the api server at the end of loginWithCredentials function (assuming you're hitting na3):
Security.loadPolicyFile("http://na3-api.salesforce.com/services/Soap/u/cross-domain.xml");
Lastly, in the invoke function, I needed to strip out the returned https internal server to http:
if (intServerUrl == null) {
// Util.debug(this, "intServerUrl is null");
intServerUrl = _internalServerUrl;
if (intServerUrl.substr(0,5) == "https") {
intServerUrl = "http" + intServerUrl.substr(5);
}
Hope this helps.
it's a bit tricky, since the server you are on and the endpoint you talk to must be exactly the same protocol, I had to add a getter and setter for the protocol which can be one of 1)http 2)https. all my testing was done on http, using an apache localhost on my mac.
this code has not been re-built into a library yet, I expect to update that soon.
until then, if you check out the src , and build using the ANT build file ( compileSWF target) you can build your own working version.
Message Edited by Ron Hess on 07-26-2007 04:19 PM
Thanks!
Can anyone help?
Thanks!
(com.salesforce.events::ApexFaultEvent)#0
bubbles = false
cancelable = true
context = (null)
currentTarget = (null)
eventPhase = 2
fault = (mx.rpc::Fault)#1
errorID = 0
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
message = "faultCode:Channel.Security.Error faultString:'Security error accessing url' faultDetail:'Destination: DefaultHTTP'"
name = "Error"
rootCause = (flash.events::SecurityErrorEvent)#2
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#3
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#3
text = "Error #2048"
type = "securityError"
message = (mx.messaging.messages::ErrorMessage)#4
body = (Object)#5
clientId = "DirectHTTPChannel0"
correlationId = "177820BC-C1C2-E842-7FE6-C8EB287E98CD"
destination = ""
extendedData = (null)
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
headers = (Object)#6
messageId = "BDC545D7-8793-9DA5-3F56-C8EB288E66D4"
rootCause = (flash.events::SecurityErrorEvent)#2
timestamp = 0
timeToLive = 0
messageId = "BDC545D7-8793-9DA5-3F56-C8EB288E66D4"
target = (null)
token = (mx.rpc::AsyncToken)#7
message = (mx.messaging.messages::HTTPRequestMessage)#8
body = "<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urn:partner.soap.sforce.com"/><se:Body><query xmlns="urn:partner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><queryString>Select Id, Email From Contact where Email ='joeblow@email.com'</queryString></query></se:Body></se:Envelope>"
clientId = (null)
contentType = "text/xml; charset=UTF-8"
destination = "DefaultHTTP"
headers = (Object)#9
DSEndpoint = "direct_http_channel"
httpHeaders = (Object)#10
Accept = "text/xml"
SOAPAction = """"
X-Salesforce-No-500-SC = "true"
messageId = "177820BC-C1C2-E842-7FE6-C8EB287E98CD"
method = "POST"
recordHeaders = false
timestamp = 0
timeToLive = 0
url = "http://www.salesforce.com/services/Soap/u/11.0"
responders = (Array)#11
[0] (::SalesForceResponder)#12
result = (null)
type = "fault"
Message Edited by fullvalue on 03-19-2008 02:24 PM
(com.salesforce.events::ApexFaultEvent)#0
bubbles = false
cancelable = true
context = (null)
currentTarget = (null)
eventPhase = 2
fault = (mx.rpc::Fault)#1
errorID = 0
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
message = "faultCode:Channel.Security.Error faultString:'Security error accessing url' faultDetail:'Destination: DefaultHTTP'"
name = "Error"
rootCause = (flash.events::SecurityErrorEvent)#2
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#3
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#3
text = "Error #2048"
type = "securityError"
message = (mx.messaging.messages::ErrorMessage)#4
body = (Object)#5
clientId = "DirectHTTPChannel0"
correlationId = "E25F8C1C-225A-C911-6C21-C9CCB67FBDA9"
destination = ""
extendedData = (null)
faultCode = "Channel.Security.Error"
faultDetail = "Destination: DefaultHTTP"
faultString = "Security error accessing url"
headers = (Object)#6
messageId = "FD4255E6-9E9D-B637-2ADE-C9CCB6EC6A77"
rootCause = (flash.events::SecurityErrorEvent)#2
timestamp = 0
timeToLive = 0
messageId = "FD4255E6-9E9D-B637-2ADE-C9CCB6EC6A77"
target = (null)
token = (mx.rpc::AsyncToken)#7
message = (mx.messaging.messages::HTTPRequestMessage)#8
body = "<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urn:partner.soap.sforce.com"/><se:Body><login xmlns="urn:partner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><username>xxxxxxx@xxxxxx.com</username><password>xxxxxxx1Hmt965WUqQcNVpjaq61</password></login></se:Body></se:Envelope>"
clientId = (null)
contentType = "text/xml; charset=UTF-8"
destination = "DefaultHTTP"
headers = (Object)#9
DSEndpoint = "direct_http_channel"
httpHeaders = (Object)#10
Accept = "text/xml"
SOAPAction = """"
X-Salesforce-No-500-SC = "true"
messageId = "E25F8C1C-225A-C911-6C21-C9CCB67FBDA9"
method = "POST"
recordHeaders = false
timestamp = 0
timeToLive = 0
url = "http://www.salesforce.com/services/Soap/u/11.0"
responders = (Array)#11
[0] (::SalesForceResponder)#12
result = (null)
type = "fault"
Well it sure looks like to me that for whatever reason, you're not finding the cross domain policy file for the login end point. I just pulled the latest toolkit today, and had no problem. Just to be clear, here's the steps I took to get things working:
That runs it locally with no need for a cross domain file. I then:
Can you sucessfully do that? If not, then there may be something about where your account is located, that requires a different cross domain file that the toolkit is using. If you can, it should give you a starting point to whatever else you're trying to do.
- I created a new flex project in Flex builder 2.
- I added the as3SalesForce.swc to the build path
- I dragged the salesforce.mxml file over to the project. overwrote the one Flex built for me.
- I commented out the convertLead function body
- I changed to my login credentials in the login method
- I built and ran the app.
It ran fine. I was able to login.Next, I copied the bin folder to a network drive and run the HTML that loads the swf. I couldn't login. I tried that with and without apex.protocol = "http".
I can't help with running it off a network drive. All I can suggest is to try it off a web server directly, like I suggested. If that works, you need help with understanding the Flash Player's security model and why it doesn't let you in from the folder (if in fact you need to run it from there). If the web server doesn't work, then you need to look into why the default url in the toolkit for the cross domain file isn't working for your login.
Good luck.
(com.salesforce.events::ApexFaultEvent)#0
bubbles = false
cancelable = true
context = (null)
currentTarget = (null)
eventPhase = 2
fault = (mx.rpc::Fault)#1
errorID = 0
faultCode = "Server.Error.Request"
faultDetail = "Error: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #2032: Stream Error. URL: http://www.salesforce.com/services/Soap/u/11.0"]. URL: http://www.salesforce.com/services/Soap/u/11.0"
faultString = "HTTP request error"
message = "faultCode:Server.Error.Request faultString:'HTTP request error' faultDetail:'Error: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #2032: Stream Error. URL: http://www.salesforce.com/services/Soap/u/11.0"]. URL: http://www.salesforce.com/services/Soap/u/11.0'"
name = "Error"
rootCause = (flash.events::IOErrorEvent)#2
bubbles = false
cancelable = false
currentTarget = (flash.net::URLLoader)#3
bytesLoaded = 0
bytesTotal = 0
data = (null)
dataFormat = "text"
eventPhase = 2
target = (flash.net::URLLoader)#3
text = "Error #2032: Stream Error. URL: http://www.salesforce.com/services/Soap/u/11.0"
type = "ioError"
message = (mx.messaging.messages::ErrorMessage)#4
body = (Object)#5
clientId = "DirectHTTPChannel0"
correlationId = "026E48D3-1BFD-8AA6-A5D6-CDE8A1C8B7D8"
destination = ""
extendedData = (null)
faultCode = "Server.Error.Request"
faultDetail = "Error: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #2032: Stream Error. URL: http://www.salesforce.com/services/Soap/u/11.0"]. URL: http://www.salesforce.com/services/Soap/u/11.0"
faultString = "HTTP request error"
headers = (Object)#6
messageId = "154CD995-435D-2011-47FB-CDE8A2A25895"
rootCause = (flash.events::IOErrorEvent)#2
timestamp = 0
timeToLive = 0
messageId = "154CD995-435D-2011-47FB-CDE8A2A25895"
target = (null)
token = (mx.rpc::AsyncToken)#7
message = (mx.messaging.messages::HTTPRequestMessage)#8
body = "<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urnartner.soap.sforce.com"/><se:Body><login xmlns="urnartner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><username>xxxxxxxx@xxxxxx.com</username><password>xxxxxxxxxxxxx9KYz1Hmt965XXXXQcNVpjaq61</password></login></se:Body></se:Envelope>"
clientId = (null)
contentType = "text/xml; charset=UTF-8"
destination = "DefaultHTTP"
headers = (Object)#9
DSEndpoint = "direct_http_channel"
httpHeaders = (Object)#10
Accept = "text/xml"
SOAPAction = """"
X-Salesforce-No-500-SC = "true"
messageId = "026E48D3-1BFD-8AA6-A5D6-CDE8A1C8B7D8"
method = "POST"
recordHeaders = false
timestamp = 0
timeToLive = 0
url = "http://www.salesforce.com/services/Soap/u/11.0"
responders = (Array)#11
[0] (::SalesForceResponder)#12
result = (null)
type = "fault"
If I use the apex.protocol = "http" and did not use my security token it worked?
Not sure I was testing with a dev login..
Anyways that a lot for taking time to help!
spotify downloader (https://spotytomp3.com)