function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
jensenaxeljensenaxel 

Can you use flex and develop locally on a domain, without having https?

is it possible not to use https? I have a local server running, and a local domain setup, http://demo.mm.com, and i get a trace error:

 

"Warning: Domain www.salesforce.com does not explicitly specify a meta-policy, but Content-Type of policy file http://www.salesforce.com/crossdomain.xml is 'text/x-cross-domain-policy'.  Applying meta-policy 'by-content-type'."

 

 

if i examine the call with service capture, it gives me some other errors: 

 

<soapenv:Envelope xmlns:sf="urn:fault.partner.soap.sforce.com" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

   <soapenv:Body>

      <soapenv:Fault>

         <faultcode>sf:UNSUPPORTED_CLIENT</faultcode>

         <faultstring>UNSUPPORTED_CLIENT: HTTPS Required</faultstring>

         <detail>

            <sf:UnexpectedErrorFault xsi:type="sf:UnexpectedErrorFault">

               <sf:exceptionCode>UNSUPPORTED_CLIENT</sf:exceptionCode>

               <sf:exceptionMessage>HTTPS Required</sf:exceptionMessage>

            </sf:UnexpectedErrorFault>

         </detail>

      </soapenv:Fault>

   </soapenv:Body>

</soapenv:Envelope> 

 

 

 

<?xml version="1.0" encoding="utf-8"?><mx:Application xmlns:mx = "http://www.adobe.com/2006/mxml" xmlns:salesforce = "http://www.salesforce.com/" layout = "absolute" applicationComplete = "login(event)" backgroundColor = "#FFFFFF" backgroundGradientColors= "[#FFFFFF,#FFFFFF]" width = "100%" height = "100%" pageTitle = "SalesForce Simple Demo" viewSourceURL="srcview/index.html"> <salesforce:Connection id = "apex" serverUrl = "http://www.salesforce.com/services/Soap/u/11.0" protocol = "http" /> <mx:Script> <![CDATA[ import vo.AccountVO; import mx.collections.ArrayCollection; import com.salesforce.results.QueryResult; import mx.utils.ObjectUtil; import mx.controls.Alert; import com.salesforce.AsyncResponder; import com.salesforce.objects.LoginRequest; import utils.ParsingUtils; [Bindable] private var acAccountList:ArrayCollection = new ArrayCollection(); [Bindable] private var acMassagedAccountList:ArrayCollection = new ArrayCollection(); private function login(event:Event):void { //Security.loadPolicyFile("http://www.salesforce.com/services/crossdomain.xml"); //Security.allowDomain('http://demo.mm.com'); apex.protocol = 'http'; var lr:LoginRequest = new LoginRequest(); //lr.server_url = 'http://demo.mm.com'; //lr.session_id = parameters.session_id; lr.username = '****************'; lr.password = '**********YR11kQ3K2meEmjXj8uzbsqg' lr.callback = new AsyncResponder(loadData, handleFault); apex.login(lr); } private function handleFault(fault:Object):void { Alert.show(ObjectUtil.toString(fault)); } private function loadData(lr:Object):void { apex.query( "Select Name, Phone, Type From Account", new AsyncResponder( handleQueryResult,handleFault) ); } private function handleQueryResult( event:QueryResult ):void { if (event.size > 0) { acAccountList.source = event.records.source; } //massage data for issue in datagrid if( acAccountList.length ) { acMassagedAccountList.source = ParsingUtils.convertToArrayCollection( acAccountList,vo.AccountVO ).source; } } ]]> </mx:Script> <mx:TabNavigator width = "100%" height = "100%" > <mx:VBox width = "100%" height = "100%" horizontalScrollPolicy = "off" verticalScrollPolicy = "off" label = "my own results after massaging data from force.com" > <mx:DataGrid width = "100%" height = "100%" dataProvider = "{acMassagedAccountList}" > <mx:columns> <mx:DataGridColumn dataField="Name" /> <mx:DataGridColumn dataField="Phone" /> <mx:DataGridColumn dataField="Type" /> </mx:columns> </mx:DataGrid> </mx:VBox> <mx:VBox width = "100%" height = "100%" horizontalScrollPolicy = "off" verticalScrollPolicy = "off" label = "wierd results straight from force.com" > <mx:Label width = "100%" text = "Grid does not highlight correctly due to SObject in salesforce api, not sure why... " /> <mx:DataGrid width = "100%" height = "100%" dataProvider = "{acAccountList}" > <mx:columns> <mx:DataGridColumn dataField="Name" /> <mx:DataGridColumn dataField="Phone" /> <mx:DataGridColumn dataField="Type" /> </mx:columns> </mx:DataGrid> </mx:VBox> </mx:TabNavigator> </mx:Application>

 

I just dont understand what I need to do to develop and deploy the test application?

 

I've put the security token at the end of the password, which solved one issue, got everything up and going locally, then created the domain for the application and try pushing the application out, and a mix of looking around at the forums answered some things... but I'm stuck now... I've white listed my IP address, and i'm just lost as to why i'm getting these issues...

 

can anyone help? 

 

Best Answer chosen by Admin (Salesforce Developers) 
pedrovarela1590pedrovarela1590

:smileyhappy: yes!!!!

 

This problem can be solved like this.. 

 

1. Go to your salesforce settings https://na6.salesforce.com/help/doc/en/admin_sessions.htm

2. Or read this first. https://na6.salesforce.com/help/doc/en/admin_sessions.htm

3. Uncheck where says Require secure connections (HTTPS)

4. On your MXML tag <salesforce:Connection id="force"  serverUrl="http://www.salesforce.com/services/Soap/u/10.0" protocol="http"/>

 

5. And that's it!!! :smileyvery-happy: 

All Answers

jensenaxeljensenaxel

I apologize for that jumbled up code, I didnt realize you could preview it.

 

 

 <?xml version="1.0" encoding="utf-8"?>

<mx:Application 

xmlns:mx = "http://www.adobe.com/2006/mxml" 

xmlns:salesforce = "http://www.salesforce.com/"

layout = "absolute"

applicationComplete = "login(event)"

backgroundColor = "#FFFFFF"

backgroundGradientColors= "[#FFFFFF,#FFFFFF]"

width = "100%"

height = "100%"

pageTitle = "SalesForce Simple Demo"

viewSourceURL="srcview/index.html">

<salesforce:Connection

id = "apex" 

serverUrl = "http://www.salesforce.com/services/Soap/u/11.0"

protocol = "http"

/>

<mx:Script>

<![CDATA[

import vo.AccountVO;

import mx.collections.ArrayCollection;

import com.salesforce.results.QueryResult;

import mx.utils.ObjectUtil;

import mx.controls.Alert;

import com.salesforce.AsyncResponder;

import com.salesforce.objects.LoginRequest;

import utils.ParsingUtils;

[Bindable]

private var acAccountList:ArrayCollection = new ArrayCollection();

[Bindable]

private var acMassagedAccountList:ArrayCollection = new ArrayCollection();

private function login(event:Event):void {

//Security.loadPolicyFile(' http://www.salesforce.com/services/crossdomain.xml ');

//Security.allowDomain('http://demo.mm.com');

apex.protocol = 'http';

var lr:LoginRequest = new LoginRequest();

//lr.server_url = 'http://demo.mm.com';

//lr.session_id = parameters.session_id;

lr.username = '**********';

lr.password = '*******6YR11kQ3K2meEmjXj8uzbsqg'

lr.callback = new AsyncResponder(loadData, handleFault);

apex.login(lr);

}

private function handleFault(fault : Object):void {

Alert.show(ObjectUtil.toString(fault));

}

private function loadData(lr: Object):void 

{

apex.query( "Select Name, Phone, Type From Account", new AsyncResponder( handleQueryResult,handleFault) );

}

private function handleQueryResult( event : QueryResult ):void

{

if (event.size > 0)

{

acAccountList.source = event.records.source;

}

//massage data for issue in datagrid

if( acAccountList.length )

{

acMassagedAccountList.source = ParsingUtils.convertToArrayCollection( acAccountList,vo.AccountVO ).source;

}

}

]]>

</mx:Script>

<mx:TabNavigator

width = "100%"

height = "100%"

>

<mx:VBox

width = "100%"

height = "100%"

horizontalScrollPolicy = "off"

verticalScrollPolicy = "off"

label = "my own results after massaging data from force.com"

>

<mx: DataGrid

width = "100%"

height = "100%"

dataProvider = "{acMassagedAccountList}"

>

<mx:columns>

<mx: DataGridColumn dataField="Name" />

<mx: DataGridColumn dataField="Phone" />

<mx: DataGridColumn dataField="Type" />

</mx:columns>

</mx: DataGrid>

</mx:VBox>

<mx:VBox

width = "100%"

height = "100%"

horizontalScrollPolicy = "off"

verticalScrollPolicy = "off"

label = "wierd results straight from force.com"

>

<mx:Label 

width = "100%" 

text = "Grid does not highlight correctly due to SObject in salesforce api, not sure why... " 

/>

<mx: DataGrid

width = "100%"

height = "100%"

dataProvider = "{acAccountList}"

>

<mx:columns>

<mx: DataGridColumn dataField="Name" />

<mx: DataGridColumn dataField="Phone" />

<mx: DataGridColumn dataField="Type" />

</mx:columns>

</mx: DataGrid>

</mx:VBox>

</mx:TabNavigator>

</mx:Application>


shillyershillyer

Just a thought, in the Session Settings under Setup, you can uncheck the "Require secure connections (https)" - try unchecking that.

 

Hope that helps,

Sati

jensenaxeljensenaxel
Great, thanks!
pedrovarela1590pedrovarela1590

:smileyhappy: yes!!!!

 

This problem can be solved like this.. 

 

1. Go to your salesforce settings https://na6.salesforce.com/help/doc/en/admin_sessions.htm

2. Or read this first. https://na6.salesforce.com/help/doc/en/admin_sessions.htm

3. Uncheck where says Require secure connections (HTTPS)

4. On your MXML tag <salesforce:Connection id="force"  serverUrl="http://www.salesforce.com/services/Soap/u/10.0" protocol="http"/>

 

5. And that's it!!! :smileyvery-happy: 

This was selected as the best answer
johnny9xjohnny9x

This did solve the problem for me.  HOWEVER, now you can see your Salesforce username and password in plain text in the soap POST.  Anyone using FireBug can clearly see your username/password and in turn log directly in to your Salesforce account and really cause problems.  VERY SCARY!  Here is an example of what I am seeing in the POST:

 

Referer: http://www.example.com/index.swfContent-type: text/xml; charset=UTF-8SOAPAction: ""Accept: text/xmlX-Salesforce-No-500-SC: trueContent-length: 344
<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urn:partner.soap.sforce.com"/><se:Body><login xmlns="urn:partner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><username>username</username><password>password23iRL5xeJ470xVR2v9UI69RVw</password></login></se:Body></se:Envelope>  

Has anyone found a way to hide the password while hosting the swf file on an HTTP site?

 

Thanks!

pedrovarela1590pedrovarela1590

hey johnny9x well it all depends on how is your server security configuration, what happen with salesforce and flex..

 

if your flex app is on a non-secure server http, you have to connect to salesforce through http.

if your flex app is on a secure server https, you have to connect to salesforce through https (here you won't se your requests with firebug)

 

but, if  you are on http and want to connect to salesforce through https you won't be able, it will throw the security domain error, the same is the other way, from https to http,

 

supposedly you can solve that http <-> https specifying the protocol in the mxml tag, I tried that.. but didn't work.

 

If you find out how to connect your non secure application to a secure one, let me know.

 

Best regards, Pedro.

Message Edited by pedrovarela1590 on 11-20-2009 05:56 AM
DavidsuDavidsu

Hi,

 

I followed your steps and unchecked "require https connection" in salesforce admin UI and am trying to access http://test.salesforce.com/../ from a http://myserver.com. It still does not work. Shows the same Security error accessing url.

 

Could you please help?

 

Thank you
David

DavidsuDavidsu

This is the error code and the full error description

 

Error #2170: Security sandbox violation: http://192.168.1.113:8080/yfiles-flex/sf/salesforce.swf cannot send HTTP headers to http://test.salesforce.com/services/Soap/u/16.0?1000.7836196422577