More than a year a go I started writing about flex. My first post was about the integration of BlazeDS with the springframework at the back-end using intellij. I moved on with a Datagrid component that had filtering included in my second post. Than I did two posts about integrating spring security. The first article was a nice start to understand the concepts. The second post improved the code a lot with more understanding of the flex principles.

With the next posts I moved on to use maven, which in the beginning was not easy, but thanks to the excellent flex-mojos plugin from velo. In the beginning of this year I started blogging about the springsource coming into the flex domain for real. Two projects, one for the spring style of programming in the ActionScript language. The other one for integrating BlazeDS and the spring framework. I wrote multiple posts about the new spring project. This post will probably not be the last. But if you are using Mate as well as the spring BlazeDS Integration project. This is a must read post. Maybe only to laugh at what I have done, but I hope to be amazed how simple a full flexed application can be when you combine all these technologies.

Kind of a long introduction, but what is this post really about? I have been using a sample application called books-overview that I have been using for flex based applications. I have been adding stuff to it once in while, but now I have completely refactored it. I am using a framework called Mate, have made it modular using the flex-mojos plugin and I have adopted the Spring BlazeDS integration project. Time to explain the way I handle security now, how I am using maven and show the extension to Mate for security.

Read on to find out how I did it and like always leave a comment if you like it or if you have improvements.

The books-overview sample

The books overview sample is a very easy application. You need to login to get access to the application. You can get two different roles. A normal user can look at the books, and admin user can also add books. The domain model is very easy. There are two entities; book and author. A book can have multiple authors and an author can write multiple books. I think the architecture is pretty straightforward. The basic business layer, dao layer, domain component and a web project containing the BlazeDS and flex components. We use spring-security to implement authentication as well as authorization. All data is stored in an in memory database and everything is build using maven. You can find the code in google code, checkout the trunk with the following command:

svn checkout http://gridshore.googlecode.com/svn/trunk/books-overview gridshore-books-overview

To tests if it works, you can use the following commands:

  • step into the directory where you just checked out the sample
  • mvn clean install (you might have to install some artifacts yourself that are not available in a repository)
  • cd books-web
  • mvn clean jetty:run-war
  • open your browser with the url: http://localhost:8080/books-web

You should see the login screen, enter user admin with password admin and you should see the following screen:

bo_screen_initial.png

It looks like a pretty easy screen, but a lot has happened before this screen is presented to you. Most important to know for now is that the New Book button is only available when logged in as admin. The name can be seen in the logout button on the right. This time with the label logout admin. You can now experiment with the application a bit. That way you will better understand what is happening in the code.

Setting up the maven build

For my development I use a combination of building with maven and writing code within intellij. Maybe I should invest more time to build with intellij as well, but I keep having problems with it. The workflow of building with maven in a command line is now so easy that I settle with that. Though I do miss the debugging, maybe I’ll step into it once more. A very cool feature of intellij is that it can group projects into modules. You can make intellij create these modules automatically based on maven structures. Pom projects become modules. That way grouping your flex projects to give them common dependencies becomes very easy. That is what I have done for the sample.

bo_dir_struct.png

Lets have a look at the dependencies and some build specifics. The parent pom contains the following dependencies: flex.sdk.version=3.2.0.3958, spring-actionscript=0.7.1, mate.version=0.8.7.1, flex-mojos.version=3.2.0

<dependency>
    <groupId>com.adobe.flex.framework</groupId>
    <artifactId>flex-framework</artifactId>
    <version>${flex.sdk.version}</version>
    <type>pom</type>
</dependency>
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-actionscript</artifactId>
    <version>${spring-actionscript.version}</version>
    <type>swc</type>
</dependency>
<dependency>
    <groupId>com.asfusion</groupId>
    <artifactId>mate</artifactId>
    <version>${mate.version}</version>
    <type>swc</type>
</dependency>
<!-- testing -->
<dependency>
    <groupId>org.sonatype.flexmojos</groupId>
    <artifactId>flexmojos-unittest-support</artifactId>
    <version>${flex-mojos.version}</version>
    <type>swc</type>
    <scope>test</scope>
</dependency>

The build section for both of the flex modules is the same. The only difference is the packaging. For the security model it is swc and for the mate module it is swf. The mate modules is actually not a very good name, it contains the application, maybe I should call it main or so. The build section of the pom looks like this:

    <build>
        <sourceDirectory>src/main/flex</sourceDirectory>
        <testSourceDirectory>src/test/flex</testSourceDirectory>
        <plugins>
            <plugin>
                <groupId>org.sonatype.flexmojos</groupId>
                <artifactId>flexmojos-maven-plugin</artifactId>
                <version>${flex-mojos.version}</version>
                <extensions>true</extensions>
                <configuration>
                    <contextRoot>/books-web</contextRoot>
                    <mergeResourceBundle>true</mergeResourceBundle>
                    <resourceBundlePath>${basedir}/src/main/locale/{locale}</resourceBundlePath>
                    <locales>
                        <locale>en_US</locale>
                        <!--<locale>nl_NL</locale>-->
                    </locales>
                </configuration>
            </plugin>
        </plugins>
        <defaultGoal>install</defaultGoal>
        <resources>
            <resource>
                <directory>${basedir}/src/main/resources</directory>
            </resource>
        </resources>
    </build>

The other big maven thing to configure is the server side. This you can find in the books-web project. There are dependencies for BlazeDS and the spring-flex project containing the BlazeDS spring integration. Please check the code if you want to see more of it. The last thing I want to show about maven are the repositories I use to find most of the artifacts. You do need to install some manually, but most of them come from an existing repository:

    <repositories>
        <repository>
            <id>flex-mojos-repository</id>
            <url>http://repository.sonatype.org/content/groups/public</url>
            <releases>
                <enabled>true</enabled>
            </releases>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </repository>
        <repository>
            <id>fnh</id>
            <url>http://fna.googlecode.com/svn/trunk/fna/fna_m2_repository/</url>
        </repository>
        <repository>
            <id>Servebox</id>
            <url>http://maven.servebox.org/repository</url>
            <releases>
                <enabled>true</enabled>
            </releases>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </repository>

        <repository>
            <id>spring-milestone</id>
            <name>Spring Portfolio Milestone Repository</name>
            <url>http://maven.springframework.org/milestone</url>
            <releases>
                <enabled>true</enabled>
            </releases>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </repository>
    </repositories>
    <pluginRepositories>
        <pluginRepository>
            <id>flex-mojos-repository</id>
            <url>http://repository.sonatype.org/content/groups/public</url>
            <releases>
                <enabled>true</enabled>
            </releases>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </pluginRepository>
    </pluginRepositories>

Enough about maven, lets move on to the flex side.

Introducing Mate, a flex framework

mate_logo.pngMate is a tag-based, event-driven Flex framework. At least that is what the website states. Event driven is very important. If you follow the recommended way to create your application you get a clean separation of front end components that show data, forms and interaction components. Each action should lead to an event, which is handled by Mate. Most of the logic is put into manager components.

Lets have a look at what happens when you click on the All Books button. The MainNavigation.mxml contains a button that calls the following code when the button is clicked.

private function doObtainAllBooks():void {
    var event:BooksEvent = new BooksEvent(BooksEvent.OBTAIN_ALL_BOOKS);
    dispatchEvent(event);
}

As you can see, this only dispatches and event. Mate uses an mxml component with a lot of special tags to handle events. This handling can result in calling remote services, manager classes, dispatching new events and injecting data into view components. The following code block shows the capturing of this event, calling a remote service to obtain the books, giving the books to a manager, injecting the results into the AllBooks.mxml view component. Finally a new navigation event is dispatched to open the view component. The names of the tags give a clear description of what is going on.

<EventMap xmlns:mx="http://www.adobe.com/2006/mxml" xmlns="http://mate.asfusion.com/">
    ...
    <mx:RemoteObject id="booksService"
                     endpoint="http://{props.host}:{props.port}/{props.webcontext}/messagebroker/amf"
                     destination="remoteBookManager"/>

    <EventHandlers type="{BooksEvent.OBTAIN_ALL_BOOKS}" debug="true">
        <RemoteObjectInvoker instance="{booksService}" method="obtainAllBooks">
            <resultHandlers>
                <MethodInvoker generator="{BooksManager}" method="storeBooks" arguments="{resultObject}"/>
                <EventAnnouncer generator="{MainNavigationEvent}" type="{MainNavigationEvent.NAVIGATION}">
                    <Properties navigationId="{MainNavigationEvent.ALL_BOOKS}"/>
                </EventAnnouncer>
            </resultHandlers>
        </RemoteObjectInvoker>
    </EventHandlers>
    <Injectors target="{AllBooks}">
        <PropertyInjector source="{BooksManager}" sourceKey="books" targetKey="books"/>
    </Injectors>
    ...
</EventMap>

Now have a look at the code of the BooksManager component. Calling the actual remote object and transforming java objects into flex objects is done using BlazeDS. More on this later on. The objects that you get back are Books.

public class BooksManager {
    [Bindable]public var books:ArrayCollection = new ArrayCollection();

    public function storeBooks(obj:Object):void {
        books = ArrayCollection(obj);
    }
}

[Bindable]
[RemoteClass(alias="nl.gridshore.samples.books.domain.Book")]
public class Book {
    public var id:Number;
    public var title:String;
    public var isbn:String;
    public var authors:ArrayCollection = new ArrayCollection();

    public function Book() {
    }

    public function addAuthor(author:Author):void {
        authors.addItem(author);
    }
}

That was your crash coarse in Mate. If you want to know more about the basics, be sure to check out their website. A lot of links to other good resources are available. Time to move on. For the security part I need to extend Mate. That is what the next section is about

Implementing authentication in the flex client

With respect to the authentication there are three different events that take place:

  • Check if needs authentication – If the current client is not authenticated the login form must be presented
  • Try authentication – check the provided credentials, show an error message if authentication fails or go to the initial screen.
  • Logout – logout from the client

The handling of these three events can be found in the SecurityEventMap.mxml component. This part of the solution has changed the most with respect to previous versions of the sample. In the current release I make use of the standard capabilities of the flex class mx.messaging.ChannelSet. I have created an extension to interact with this channelset using tags, the ChannelSetInvoker. Creating this class was not easy to me, there is a document that can help and the source code from existing tags is very helpful. I run by some things I learned while creating the extension.

A very important part is to make a difference to properties that you need to configure the component and arguments to the methods being called. The ChannelSet will not change and can be provided as a property. The username and password for the login method are arguments to the method and need to be provided as arguments. Within the source code you can see the difference as well, the ChannelSet is a property of the component, while username and password are not really visible in the code. The ChannelSetInvoker component uses the ResultEvent and the FaultEvent to communicate with handlers. You can register handlers in the Mate event mapping component. Of course we need to registers these handlers within the component. This is done in the complete function

    override protected function complete(scope:IScope):void {
        if (this.resultHandlers && resultHandlers.length > 0) {
            this.createInnerHandlers(scope, ResultEvent.RESULT, resultHandlers);
        }
        if (this.faultHandlers && faultHandlers.length > 0) {
            this.createInnerHandlers(scope, FaultEvent.FAULT, faultHandlers);
        }
    }

Time to move on to the fun part, the actual interaction with the ChannelSet. The components supports three methods (think about the three events we needed): login, logout and authenticated. The magic takes place in the run function.

    override protected function run(scope:IScope):void {
        var argumentList:Array = (new SmartArguments()).getRealArguments(scope, this.arguments);
        innerHandlersDispatcher = channelSet;

        if (method == "login") {
            if (!channelSet.authenticated) {
                var loginToken:AsyncToken = channelSet.login(argumentList[0], argumentList[1]);
                loginToken.addResponder(new AsyncResponder(
                        function(event:ResultEvent, token:Object = null):void {
                            scope.lastReturn = event.result;
                            innerHandlersDispatcher.dispatchEvent(event);
                        },
                        function(event:FaultEvent, token:Object = null):void {
                            scope.lastReturn = event.fault;
                            innerHandlersDispatcher.dispatchEvent(event);
                        }));
            }
        } else if (method == "logout") {
            var logoutToken:AsyncToken = channelSet.logout();
            logoutToken.addResponder(new AsyncResponder(
                    function(event:ResultEvent, token:Object = null):void {
                        innerHandlersDispatcher.dispatchEvent(event);
                    },
                    function(event:FaultEvent, token:Object = null):void {
                        innerHandlersDispatcher.dispatchEvent(event);
                    }));
        } else if (method == "authenticated") {
            var isAuthenticated:Boolean = channelSet.authenticated;
            scope.lastReturn = isAuthenticated;
            var event:ResultEvent = new ResultEvent("user is authenticated?", false, true, isAuthenticated);
            innerHandlersDispatcher.dispatchEvent(event);
        }
    }

Check how we use the provided arguments in the login method handling. AsyncToken objects are used to handle the asynchronous results of the login and logout methods. Finally the innerHandlerDispatcher is used to notify the registered handlers of new results. For the final piece of the puzzle, have a look at the implementation of the event handling. Due to the names of the tags the code is self explanatory.

<EventMap xmlns:mx="http://www.adobe.com/2006/mxml" xmlns="http://mate.asfusion.com/"
          xmlns:extensions="extensions.*">
    <mx:ChannelSet id="authenticationChannelSet">
        <mx:AMFChannel id="myAmf" uri="http://{props.host}:{props.port}/{props.webcontext}/messagebroker/amf"/>
    </mx:ChannelSet>

    <!-- Event handlers -->
    <EventHandlers type="{AuthenticationEvent.TRY}" debug="true">
        <extensions:ChannelSetInvoker method="login"
                                      channelSet="{authenticationChannelSet}"
                                      arguments="{&#91;event.username,event.password&#93;}">
            <extensions:resultHandlers>
                <MethodInvoker generator="{AuthenticationManager}" method="logInSuccess"
                               arguments="{currentEvent.result}"/>
            </extensions:resultHandlers>
            <extensions:faultHandlers>
                <MethodInvoker generator="{AuthenticationManager}" method="storeAuthenticationProblem"
                               arguments="{currentEvent.fault}"/>
            </extensions:faultHandlers>
        </extensions:ChannelSetInvoker>
    </EventHandlers>

    <EventHandlers type="{AuthenticationEvent.CHECK_NEEDS}" debug="true">
        <extensions:ChannelSetInvoker method="authenticated" channelSet="{authenticationChannelSet}">
            <extensions:resultHandlers>
                <MethodInvoker generator="{AuthenticationManager}" method="isAuthenticated"
                               arguments="{currentEvent.result}"/>
            </extensions:resultHandlers>
        </extensions:ChannelSetInvoker>
    </EventHandlers>

    <EventHandlers type="{AuthenticationEvent.LOGOUT}" debug="true">
        <extensions:ChannelSetInvoker method="logout" channelSet="{authenticationChannelSet}">
            <extensions:resultHandlers>
                <MethodInvoker generator="{AuthenticationManager}" method="logout"/>
            </extensions:resultHandlers>
        </extensions:ChannelSetInvoker>
    </EventHandlers>
</EventMap>

To be able to actually authenticate, we need a server component as well. With the RC2 release of the spring-flex project this has become incredibly easy. The next section talks about that part of the application.

Spring-flex, how easy can it be.

I do want to stress that the documentation coming with spring-flex is a good read. I recommend to read it to see all options that you have. For now I discuss only the basic steps.

http://static.springframework.org/spring-flex/docs/1.0.x/reference/html/ch04s02.html

  • Configure the web.xml, add the dispatcher servlet and the springSecurityFilterChain for the initialization of spring security.
  • I added one servlet mapping for *.properties. This is for loading the config.properties file through a spring bean. Check my post flex remoting without configuring the client to find out more on this topic.
  • Configure BlazeDS using the services-config.xml file in the default location WEB-INF/flex. Remember that we do not need this file in the flex client anymore like we did in the past. It is also this file where you configure BlazeDS logging.
  • Configure the security, be sure to look good before it is over.
    <!-- Bootstraps and exposes the BlazeDS MessageBroker -->
    <flex:message-broker>
        <flex:secured />
    </flex:message-broker>

    <!-- remote proxies -->
    <flex:remoting-destination destination-id="remoteBookManager" ref="bookManager" exclude-methods="internalUseStoreBook"/>

    <security:http entry-point-ref="preAuthenticatedEntryPoint"/>

    <bean id="preAuthenticatedEntryPoint"
        class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint" />

    <security:global-method-security>
        <security:protect-pointcut
            expression="execution(* nl.gridshore.samples.books.business.*Manager.store*(..))"
            access="ROLE_ADMIN"/>
        <security:protect-pointcut
            expression="execution(* nl.gridshore.samples.books.business.*Manager.obtain*(..))"
            access="ROLE_USER"/>
    </security:global-method-security>

    <security:authentication-provider>
        <security:user-service>
            <security:user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN"/>
            <security:user name="user" password="user" authorities="ROLE_USER"/>
        </security:user-service>
    </security:authentication-provider>

As you can see, most of the configuration deals with method-security and the authentication provider. It takes around 5 lines of code to configure spring security to receive all incoming authentication requests and connect to BlazeDS security. I think this is pretty amazing. During the refactoring I could remove a lot of configuration and a java class. Also the client code has become a lot easier and adheres to standards of flex remoting.

Concluding

That is it, now we have a much cleaner sample. Be sure to check out the code and of course the referring frameworks. I also want to mention the extendability of the Mate framework. At first I had to understand some basic concepts, but than it become easy to write an extension. I hope you like the blog. Questions and commands are welcome.

See you again next time.

Integrate flex security in Mate using the spring BlazeDS integration project
Tagged on:                     

49 thoughts on “Integrate flex security in Mate using the spring BlazeDS integration project

  • June 13, 2011 at 6:50 am
    Permalink

    Hi,

    This example helped me a lot in understanding the Spring security and to start up my project.
    Can you tell us an example , if I want extra field “Domain ” with username and password in login page using flex.
    I know how to do in Spring and JSP , but i guess Flex Channel do not provide any field other than username/password for authentication.

    Your input will really help me to fix this issue.

    Thanks
    Archana

  • March 19, 2011 at 8:58 pm
    Permalink

    I am not sure if I completely understood the example, but where is the part where you check if the user is already authenticated?
    In other words, have you used spring security’s remember-me functionality to make authentication work across browser invocations by using a remember-me token??

    • March 19, 2011 at 9:26 pm
      Permalink

      This is session based and therefore out-of-the-box functionality

  • Pingback:Using Spring BlazeDS Integration 1.0 | SpringSource Team Blog

  • September 15, 2010 at 2:10 am
    Permalink

    Can you clarify a few things surrounding how your kept from having to hard code the server name, port, and context. It looks like you are using a properties file via org.springextensions.actionscript.collections.Properties. What is this thing? Where did you find it? Also, I cannot seem to locate the “config.properties” file it seems to be loading. Can you clarify?

  • September 15, 2010 at 1:30 am
    Permalink

    Thanks for the excellent example. I am confused by one thing however. You use the “flex:message-broker” tag within spring-web.xml and you also configure a remoting-service within your services-config.xml file. I thought the Flex-Spring integration eliminated the need to explicitly configure a remoting-service when you use the flex:message-broker tag. Is this not the case?

  • September 13, 2010 at 1:41 pm
    Permalink

    Is it okay to use this code in my website and also keep it open for others to download?

    • September 13, 2010 at 5:20 pm
      Permalink

      I don’t mind if you use the code, not sure about letting others download it. But I guess it is ok. Of course do mention where you got it from. Also be sure that this is still the most optimal way to do it. A lot has changed since this post. So you might want to do some further investigation. Also check my post about the parsley framework.
      Parsley example

  • September 10, 2010 at 11:28 pm
    Permalink

    Hi,

    I am new flex developer, and was wondering, why you are using MATE framework, is it better than parsley, because my team leader choose the parsley framework over mate, he thinks that its easer for use and less restrictive!!!

    thanks for such a perfect example.

    • September 11, 2010 at 6:38 am
      Permalink

      Hi I used Mate for multiple projects. It is a nice framework. However my last project I have done with Parsley. I like THE idea behind Parsley netter than I like Mate. Dependency injection is à lot better. Therefore, especially as à Java programmer, I thinking Thatcher parsley Suits better. Search on this blog and you will Finder à thorough post about parsley as well.

  • April 21, 2010 at 10:13 am
    Permalink

    I used the mate’s google code repository. You can change the articat-id and group-id with

    com.asfusion.mate
    mate-framework
    0.8.9

    0.8.9

    20091002021927


    and also add super pom this repository

    mate repo
    http://mate-framework.googlecode.com/svn/trunk/maven/

    • April 21, 2010 at 10:22 am
      Permalink

      html tags are niot supported in my coments. But I think I understand what you mean. I will update my code with your suggestion.

      thanks

  • April 13, 2010 at 4:49 pm
    Permalink

    Thanks. Project form trunk worked.

  • April 13, 2010 at 4:24 pm
    Permalink

    Thanks for prompt reply.

    I will try and let you know. Do I need to edit books-flex-mate_temp_flex_config.xml file? My maven repository is not at default location.

  • April 13, 2010 at 3:33 pm
    Permalink

    I have checked out books-overview-1.0.0 from tag. I get this same error in all three server (Jetty/Tomcat/JBoss).

    I will try if I can give you more input. Do I need to modify books-flex-mate_temp_flex_config.xml file ?

  • April 12, 2010 at 6:49 pm
    Permalink

    I tried to compile and run books-overview application in jetty/tomcat/jboss. I am getting following error. Is there anything I need to do for this project to run?

    java.io.FileNotFoundException: D:\servers%20and%20projects\projects\books-overview-1.0.0\books-web\target\work\webapp\WEB-INF\lib\books-integration-1.0.0.jar (The system cannot find the path specified)
    at java.util.zip.ZipFile.open(Native Method)
    at java.util.zip.ZipFile.(ZipFile.java:114)
    at java.util.jar.JarFile.(JarFile.java:133)
    at java.util.jar.JarFile.(JarFile.java:97)

    Thanks

    • April 13, 2010 at 7:29 am
      Permalink

      What did you checkout? Are you on the trunk? I regularly fix things people come up with, but this is one I have never seen before. Can you try the embedded jetty first? You can run this in the books-web project and call mvn clean jetty:run-war

  • February 17, 2010 at 4:21 pm
    Permalink

    JETRO Mr. hallo again, I was able to open the file flex_security, but I have a little problem when opening the file, there is an error message like this:

    The plugin ‘info.rvin.mojo: flex-compiler-mojo’ nà exist or no valid version could be found pom.xml

    to deal with I try to update maven in eclipse IDE component, but that did not work, what should I do about it

    thank you, please help me

    • February 17, 2010 at 4:25 pm
      Permalink

      Please check the comments, someone else has asked this question before. As far as I know these libraries cannot be found in a maven repository and you have to install them yourself.

  • February 17, 2010 at 3:31 pm
    Permalink

    hallo mr JETRO, I am a beginner
    I’m still confused, how to open the file and run it, can use the eclipse IDE/ adobe flex 3 buider or to use other tools

    thank you, please help me

    • February 17, 2010 at 4:08 pm
      Permalink

      What file are you talking about? The pom.xml? I just open it with intellij and everything works nicely together. I have no experience with EclipseIDE or flex builder.

  • Pingback:Jacob Heric » Blog Archive » Spring Flex integration with BlazeDS

  • December 8, 2009 at 12:51 pm
    Permalink

    Oops… I mean the following:
    — edit by admin —
    (sorry no html code in comments)
    groupId: xalan
    artifactId: xalan
    version: 2.7.1

  • December 8, 2009 at 12:45 pm
    Permalink

    You must add the following to the pom.xml

    xalan
    xalan
    2.7.1

    Then it works great.

    –Irshad

  • Pingback:Rapid Flex RIA development using Spring-BlazeDS with SpringFuse

  • October 21, 2009 at 1:36 am
    Permalink

    Very useful post mate! Had to go back and read Mate documents a few time to get my head around it.

    I have one question: Is it possible to add an instance (service) method similar to the other Invokers? this helps split out the services into a separate file as is mentioned in the best practices.

    Thanks
    Des

  • October 5, 2009 at 10:13 am
    Permalink

    I am working on an online Java Flex code generator. First version is online at http://paddle.devoorkant.nl.
    My first intentions was to solve the data type mapping issues between Java and Flex. Still working on that to make it perfect.
    Next job is to extend code generator for Java/J2EE back end (EJB/Hibernate) and Flex front end (Validators, layout).
    Also thinking of integration + generation possibilies with PureMVC, Cairngorm or Mate for structured MVC handling. Not decided yet which framework to choose.
    I read your article and I’m sure digging into Mate further.

    -Martijn

  • August 31, 2009 at 12:05 am
    Permalink

    Nice post, thanks. I’m making use of the ChannelSetInvoker in my project.

    One note on the ‘login’ method of that extension, though:

    I understand the motivation for the ‘if (!channelSet.authenticated)’ check around that processing, but it raises a couple of issues:

    (1) It would be helpful to know whether or not the login was actually attempted, so that you can perform some action if it was not. I fiddled around with setting ‘scope.lastReturn’ appropriately and then using a StopHandler in my map. This works but isn’t too graceful.

    (2) More of an issue, it seems that the result and fault actions listed in the Mate map for the ‘login’ action remain registered if you don’t dispatch a FaultEvent or ResultEvent, and they are processed when the result/fault for the _next_ call to the extension is received. It looks like you need to manually unregister these actions if you’re not going to dispatch one of those events. I haven’t looked into the framework code enough to see how to do that.

    For now, I’ve commented-out the ‘authenticated’ check and am relying on my architecture to avoid an invalid authentication attempt. I’d rather get a straightforward IllegalOperationError than some unpredictable behavior at some later point in time.

    I’ll post here if I come up with a good solution.

    • August 31, 2009 at 7:08 am
      Permalink

      I am not actively working on the sample at the moment, but I will have a good look at it the coming period. Thanks for the research.

  • August 29, 2009 at 10:56 pm
    Permalink

    I’m a complete newb to using BlazeDS/Flex (and to a lesser extent Spring), so forgive me if this is a real ignorant question, but like Gok above, I’m a bit confused on the reason for the ChannelSetInvoker? You mention that you need it for Mate, but I’m curious why?

    For example, what if you just put security constraints on your remote blazeDS calls (and of course on entry to the flex app itself.) Within the app if someone tried to do something, and they were no longer authenticated or authorized, they’d be prompted with the login form. Does Mate somehow prevent this simple operation from occurring?

    • August 29, 2009 at 10:59 pm
      Permalink

      I do not want the pop-up and I want to have the authentication details available in spring.

  • August 20, 2009 at 1:44 am
    Permalink

    The pom appears to be out of date – I get:

    [INFO] Failed to resolve artifact.

    Missing:
    ———-
    1) com.asfusion:mate:swc:0.8.8.1

    Try downloading the file manually from the project website.

    Then, install it using the command:
    mvn install:install-file -DgroupId=com.asfusion -DartifactId=mate -Dversion=0.8.8.1 -Dpackaging=swc -Dfile=/path/to/file

    Alternatively, if you host your own repository you can deploy the file there:
    mvn deploy:deploy-file -DgroupId=com.asfusion -DartifactId=mate -Dversion=0.8.8.1 -Dpackaging=swc -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id]

    Path to dependency:
    1) nl.gridshore.samples.books:books-flex-security:swc:1.0.0-SNAPSHOT
    2) com.asfusion:mate:swc:0.8.8.1

    ———-

    • August 20, 2009 at 3:21 pm
      Permalink

      I am not sure, but I think I mentioned that the mate swc files do not come from a maven repository. If not, I am sorry. But at the moment I cannot find a repository that contains the mate file. So please download and install it yourself.

  • August 12, 2009 at 1:10 am
    Permalink

    I love the way the project is laid out, is it possible to add the eclipse plugin to the POM file to be able to convert this to an eclipse project? I didn’t have any luck with “eclipse:eclipse” command.

    • August 13, 2009 at 11:31 am
      Permalink

      Not sure, there are numerous posts about flex builder and maven. You can try your luck there. (Flex builder is also eclipse if you did not know)

  • July 24, 2009 at 10:37 am
    Permalink

    Great tutorial. Just one thing I think you need to know, when I use maven install, it complained one artifact is missing:javax.transaction:jta:jar:1.0.1B

    I think this is caused by the transaction jar is renamed, I seen a similar problem when using jdo and datanucleus. It would be great if you can update dependences.
    Also, I am expecting the solution for refresh problem.
    Thanks~

  • July 21, 2009 at 9:53 pm
    Permalink

    Is there a way to cause Spring Security to auto-login to the channel if you have an active Spring Security session? I would very much like to be able to have the user log in once and be able to be auto-authenticated for the duration of their session (meaning that they don’t have to log in when they switch between apps or even just refresh the page).

    Thanks very much for the code; it is a big help!

    • July 21, 2009 at 11:04 pm
      Permalink

      Well to be honest, that is the biggest disadvantage with respect to earlier examples of mine. With my more custom solution I am able to do just that. But with this nice integration I still have to look for the best solution.
      Sorry about that

  • July 15, 2009 at 2:30 pm
    Permalink

    Hi all! I’m integrated my web application with spring. I’m used spring-flex-1.0.0.RC2 + spring-security 2.0.4.
    My application work fine, but have mistake by part integration spring security and flex. When I start application at the first time I can’t login to application. (Error: Client.Authentication – null – An Authentication object was not found in the SecurityContext) But i type correct login and password.
    After i restart tomcat and try login with the same login and password and spring security allow input me to my application.
    I know how reproduce this bug (I use FireFox3 + web developer tools): for this 1)clean cache on tomcat 2)used web developer tools for clean cache + http session authentication.
    But I can’t resolve this bug.
    Maybe anybody can help me?

  • July 10, 2009 at 12:42 pm
    Permalink

    hi, the refresh problem maybe in your mate extension code(books-flex-security\src\main\flex\extensions\ChannelSetInvoker.as):

    if (method == “login”) {

    }
    else if (method == “logout”) {

    }
    else if (method == “authenticated”) {
    var isAuthenticated:Boolean = channelSet.authenticated;
    scope.lastReturn = isAuthenticated;
    var event:ResultEvent = new ResultEvent(“user is authenticated?”, false, true, isAuthenticated);
    innerHandlersDispatcher.dispatchEvent(event);
    }

    Because isAuthenticated set either “true” or “flase”, result is the same. I’m new to flex, can you explain it for me? Thanks.

  • July 9, 2009 at 3:27 pm
    Permalink

    When I have entered the site, refresh the page, now I have to login again. Is this a bug? Thanks.

    BTW: nice job!

    • July 9, 2009 at 4:32 pm
      Permalink

      Not sure this is a bug, for me it is expected behavior. In previous versions I did manage to overcome this, but I still need to make this happen for this solution as well. In the previous solution I had more control, did the authentication myself instead of using the spring integration stuff.

      I am planning on finding a solution, maybe post a question on the spring forum ??

      thanks Jettro

  • July 1, 2009 at 11:11 am
    Permalink

    Hi Jettro, “The ChannelSetInvoker gives you full control and integration in the Mate framework in a very lightweight way” is the answer what I am looking for.I am new to Mate framework I will examine your source code under this motto. Thanks again.

  • June 30, 2009 at 11:30 pm
    Permalink

    Hi Gok, to my opinion there is not really another way. The ChannelSetInvoker gives you full control and integration in the Mate framework in a very lightweight way. Of course I am open to suggestions.

  • June 30, 2009 at 9:49 am
    Permalink

    I could’nt see the point why did you create ChannelSetInvoker. I’m examinig Spring BlazeDS integration testdrive these is a simple sample which integrates Flex, Spring and Spring Security and we can easly enforce authentication and authorization by . Could you explain why did you choose this way? Nice article thanks.

  • June 18, 2009 at 10:14 pm
    Permalink

    Hey Jettro, nice writeup. Just wanted to mention that if you’re missing debug support, you can always run jetty with jpda enabled. If you’re running jetty from maven as you say, you just need to tweak your MAVEN_OPTS. More info here: http://cwiki.apache.org/WICKET/maven-jetty-plugin.html

    Your project setup seems somewhat familiar to what we use, except that we usually group all of our java code in the web module (including domain / services etc.).

    One more tip, you can work around having to do jetty:run-war and simply use jetty:run if you configure your jetty plugin to use multiple webapp source directories. Basically, you can provide a comma-separated list of directories in which jetty looks for it’s webapp files in order of importance. In this list, you just provide your normal working webapp dir, and tag the target webapp dir where maven will copy the swf files behind that. More info here: http://docs.codehaus.org/display/JETTY/Multiple+WebApp+Source+Directory

    cheers,
    Bart

  • May 24, 2009 at 4:49 pm
    Permalink

    Thanks again for a very interesting tutorial!
    Going to try to implement this in the Flex/Mate/Spring application I’m working on asap.

    Jochen

Comments are closed.