RPC fault string=Security error accessing url

[mac_55]

Hi Guys,

My app's been online for some time now (over a month) and I've logged in today
and noticed the attached error which has appeared out of the blue (I haven't
logged in to it for a couple of weeks but everything was working fine). Any
idea as to what sort of problem the application's having?

Thanks

Here is the error:
[url]http://s299.photobucket.com/albums/mm312/thedigit/?action=view&current=error.jpg[/url]

[mac_55]

Oddly, I've just installed Flash Player version 9,0,115,0 and it seems to work fin in there, no errors.

Hrm. Any ideas?

[Kaotic101]

Generally when something is labeled as a Security error with flash it relates
to the crossdomain.xml file. The first thing I'd check is all of the services
being used to bring in data are coming from places that are allowed within the
crossdomain.xml file. An easy way to test this would be to allow everything
within the crossdomain.xml, test it to see if you get the same error, if you
don't then you know the problem belongs there, if you do get the same error
then the problem lies in something deeper like maybe your application cannot
currently find your crossdomain.xml to even check the policies? Just a thought.

[mac_55]

Where should the crossdomain.xml be placed? I have it in the root of the webserver's web directory

[SalmonArm]

FlashPlayer 9.0.124 has increased restrictions with its security model.
For URL based access (FlashLoader) you need the crossdomain.xml in the server
root. For socket based access you need a socket policy file and a policy file
server (assumingly).

I haven't been able to get the latter working. See my cry for help here:

[url]http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?forumid=60&catid=58[/url]
5&threadid=1360744

Adobe has more info here:
[url]http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html[/url]

[mac_55]

I'm not sure if I need a socket policy file, I'm using web services...?

[Kaotic101]

Try changing your crossdomain.xml file to the following for a quick test. It
will allow access to everything. Once you've changed that, refresh your
application and tell us if the web services still throw a security error, if it
does not throw a security error then you do not need the socket policy file you
just need to fine tune your crossdomain.xml access rights for your application.
Having the crossdomain.xml inside of your web root is the right place for it.

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>