flex.messaging.security.SecurityException: Secure endpoint '/spring/messagebroker/amfsecure' must be contacted via a secure protocol.

Spring JIRA | T Shah | 7 years ago
  1. 0

    We ran into into a production issue with SSL configuration where the following error was printed but only after log level was set to DEBUG. 19 May 2010 15:18:09,620 DEBUG Could not complete request org.springframework.web.servlet.FrameworkServlet processRequest 595 flex.messaging.security.SecurityException: Secure endpoint '/spring/messagebroker/amfsecure' must be contacted via a secure protocol. at flex.messaging.endpoints.AbstractEndpoint.validateRequestProtocol(AbstractEndpoint.java:1131) at flex.messaging.endpoints.AbstractEndpoint.service(AbstractEndpoint.java:796) at flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:262) at org.springframework.flex.messaging.servlet.MessageBrokerHandlerAdapter.handle(MessageBrokerHandlerAdapter.java:79) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:861) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:793) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:578) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:514) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) at java.lang.Thread.run(Unknown Source) This sounds like a case where this error should have been flagged with at least a WARNING, possibly ERROR because nothing further could happen here. Can this be updated in future versions so this is more easily detectable? Regards, Tejash

    Spring JIRA | 7 years ago | T Shah
    flex.messaging.security.SecurityException: Secure endpoint '/spring/messagebroker/amfsecure' must be contacted via a secure protocol.
  2. 0

    We ran into into a production issue with SSL configuration where the following error was printed but only after log level was set to DEBUG. 19 May 2010 15:18:09,620 DEBUG Could not complete request org.springframework.web.servlet.FrameworkServlet processRequest 595 flex.messaging.security.SecurityException: Secure endpoint '/spring/messagebroker/amfsecure' must be contacted via a secure protocol. at flex.messaging.endpoints.AbstractEndpoint.validateRequestProtocol(AbstractEndpoint.java:1131) at flex.messaging.endpoints.AbstractEndpoint.service(AbstractEndpoint.java:796) at flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:262) at org.springframework.flex.messaging.servlet.MessageBrokerHandlerAdapter.handle(MessageBrokerHandlerAdapter.java:79) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:861) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:793) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:578) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:514) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) at java.lang.Thread.run(Unknown Source) This sounds like a case where this error should have been flagged with at least a WARNING, possibly ERROR because nothing further could happen here. Can this be updated in future versions so this is more easily detectable? Regards, Tejash

    Spring JIRA | 7 years ago | T Shah
    flex.messaging.security.SecurityException: Secure endpoint '/spring/messagebroker/amfsecure' must be contacted via a secure protocol.

    Root Cause Analysis

    1. flex.messaging.security.SecurityException

      Secure endpoint '/spring/messagebroker/amfsecure' must be contacted via a secure protocol.

      at flex.messaging.endpoints.AbstractEndpoint.validateRequestProtocol()
    2. BlazeDS Core Library
      BaseHTTPEndpoint.service
      1. flex.messaging.endpoints.AbstractEndpoint.validateRequestProtocol(AbstractEndpoint.java:1131)
      2. flex.messaging.endpoints.AbstractEndpoint.service(AbstractEndpoint.java:796)
      3. flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:262)
      3 frames
    3. org.springframework.flex
      MessageBrokerHandlerAdapter.handle
      1. org.springframework.flex.messaging.servlet.MessageBrokerHandlerAdapter.handle(MessageBrokerHandlerAdapter.java:79)
      1 frame
    4. Spring MVC
      FrameworkServlet.doPost
      1. org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:861)
      2. org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:793)
      3. org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:578)
      4. org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:514)
      4 frames
    5. JavaServlet
      HttpServlet.service
      1. javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
      2. javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      2 frames
    6. Glassfish Core
      CoyoteAdapter.service
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      3. org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      4. org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      5. org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      6. org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      7. org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      8. org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
      8 frames
    7. Grizzly HTTP
      JIoEndpoint$Worker.run
      1. org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
      2. org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      3. org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
      3 frames
    8. Java RT
      Thread.run
      1. java.lang.Thread.run(Unknown Source)
      1 frame