how to use Crossdomain.xml in tomcat !!

[Manish]

Hi,

Its correct that you have to add the crossdomain.xml in the root of
your web application like,
if your web app is: FlexServer
So, you have create the crossdomain.xml under the <tomcat>/webapss/
FlexServer folder.

But still there is a problem of accessing your server from another
domain.
For ex: your machine ip is : 20.32.63.78 (which is hosting tomcat
server)
And your application domain (name) is FlexServer and page is: under
flex/FlexSimple.html, then if your are accessing your app in your
browser like:
And in your flex mxml file the URL which you are accessing is like:

http://20.32.63.78:8080/FlexServer/getData.jsp (FlexSimple.html is
communicating to this URL)

Now in browser you had given the following URL:
http://20.32.63.78:8080/flex/FlexSimple.html
Accessing this URL there wont be any error but of you have given this
URL:
http://localhost:8080/flex/FlexSimple.html
then you will get this error in flash player (I have tested in IE 6)

“Error #2044: Unhandled securityError:. text=Error #2048: Security
sandbox violation: http://20.32.63.78:8080/flex/FlexSimple.swf cannot
load data from http://20.32.63.78:8080/FlexServer/getData.jsp.”

It means that localhost (in browser) and 20.32.63.78 ( in jsp URL)
are two different domains and even if you have added crossdomain.xml
in the root of your web application(FlexServer), this error will come


So, you have to add the following code in the mxml file and better to
call the init code from the initialize property of the flex
application:

<mx:Application xmlns:mx="http://www.adobe.com/2006/mxml"
layout="absolute"
backgroundColor="#FFFFFF"
backgroundAlpha="0"
backgroundImage=""
initialize="initDomain()" >

<mx:Script>
<![CDATA[
private function initDomain(): void
{
var ip:String = “your server ip”;
Alert.show("in init().....");
//Security.allowDomain("*");
Security.allowDomain(ip+"/FlexServer/");

Security.loadPolicyFile("http://"+ip+":8080/FlexServer/
crossdomain.xml");
Alert.show("loaded policyfile....."); }
]]>
</mx:Script>

In the above code snippet I have called initDomain() function from
initialize property.

1. Code: Security.allowDomain(ip+"/FlexServer/");
Is allowing the flash player to access this (ip) domain
2. Instead of using
Security.allowDomain(ip+"/FlexServer/");
You can use
Security.allowDomain(“*"); also
It allows flash player to access all the domains, but still you have
load all the crossdomain.xml from all the domains (see next step)

2. The next step is to load the corssdomain policy file as:
Security.loadPolicyFile("http://"+ip+":8080/FlexServer/
crossdomain.xml");


After adding this code there shouldn’t be any Security error.

Hope this will help.

Software used for testing:
Server: Tomcat: ver-5.5.26
Browser: ver-6
Flex: flex-3


cheers,
Manish

[vish]

Hi Manish,

Thanks for it, Its usefull for me.
But I want to knwo one thing, is I used same code below..

Security.allowDomain(“*");

Security.loadPolicyFile("http://"+ip+":8080/FlexServer/
crossdomain.xml");

And when I check the fidler while loading the page, It loads
crossdomain.xml successfully, but before accessing this, It tried to
load ip+crossdomain.xml, which was not there. and showed in red.

Why its accessing crossdomain.xml before I provide my xml path.

Any reply will be appreciated.
Thanks

Rajesh

[mangrove]

Hi Manish,

I have problem:

in the initialize method. I have some codes
import flash.external.ExternalInterface;
import flash.system.Security;

import mx.controls.Alert;

private function initDomain():void {
try {
// www.google.com[:port]
var _host:String =
String(ExternalInterface.call("window.location.host.toString"));

// http:, https:
var _protocol :String =
String(ExternalInterface.call("window.location.protocol.toString"));

// localhost or google.com
var _hostname:String =
String(ExternalInterface.call("window.location.hostname.toString"));

var _url:String = _protocol + "//" + _host + "/gis_online/
crossdomain.xml";

Security.allowDomain("*");
Security.loadPolicyFile(_url);

Alert(this.url); // http://localhost/test/index.swf
Alert(_url); // http://localhost/test/crossdomain.xml

}
catch (err:Error){
throw err.message;
}
}

crossdomain.xml and index.swf file is in root folder.

But i always get error:

[RPC Fault faultString="Send failed"
faultCode="Client.Error.MessageSend"
faultDetail="Channel.Security.Error error Error #2048

Please help me

Thanks

[mangrove]

hi Manish,

in the initialize method. I have some codes:

import flash.external.ExternalInterface;
import flash.system.Security;

import mx.controls.Alert;

private function initDomain():void {
try {
// www.google.com[:port]
var _host:String =
String(ExternalInterface.call("window.location.host.toString"));

// http:, https:
var _protocol :String =
String(ExternalInterface.call("window.location.protocol.toString"));

// localhost or google.com
var _hostname:String =
String(ExternalInterface.call("window.location.hostname.toString"));

var _url:String = _protocol + "//" + _host + "/gis_online/
crossdomain.xml";

Security.allowDomain("*");
Security.loadPolicyFile(_url);

Alert(this.url); // http://localhost/gis_online/index.swf
Alert(_url); // http://localhost/gis_online/crossdomain.xml