flex and .net 2.0 web service, how to allow access from other domains?

StackOverflow https://stackoverflow.com/questions/809356

Question

I created a project in flex builder with application server type set to none.

When I debug, I can access the web service from my local machine thats on a site http://mysite.com/ws/ws.aspx?wsdl

When I upload the flex app to mysite.com/myapp.html it works great.

But, when I upload it to myapp.mysite.com/myapp.html it wont access the web service.

Anyone know what I'm missing?

Thanks

P.S. The WS was created with VB.net, and when I create a flex project with application server type set to .net, it wont access the WS from my local machine

this is my crossdomain.xml file

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

**My guess is that it isn't a flex problem, but a .net security feature... wich I don't know how to configure.

.NET won't allow apps to use it outside of its own domain.**

Was it helpful?

Solution

By default Flex does not allow accessing web services on remote hosts. This is a security feature of Flex. Since your Flex app is deployed at myapp.mysite.com it's under different host than the service at mysite.com.

You can add a crossdomain.xml to the mysite.com which Flex will check to see if the service allows access from different domains. The crossdomain.xml file must be located in the web root of the domain (mysite.com/crossdomain.xml). I've used the following contents to allow debugging use. Note that it allows all use so if you want to restrict the use in production, you need to modify it later.

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
    "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" to-ports="*" />
   <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

More information in Flex documentation, especially the knowledge base article.

OTHER TIPS

Try checking the requests being made with Tamper Data (extension to Firefox). Check so that the app finds the crossdomain.xml file. If the path is off, that's your problem.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top