Hi All,
We are facing issue in STOMP client because of newly implemented
restriction on flash
player.([url]http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_[/url]
update.html).


Because of this, Our STOMP client is not able to get messages from activemq.


We have tried to add socket meta files as discussed in others article but we
were not able to get solutions.

We have done below stuffs.

1) Added LoadPolicy code in stompclient for getting policyfile from server
running on 80 port.
2) Also set xmlSocket as load policy to get connection from stompclient to
Activemq.


1) PolicyFile.xml(loading this also in STOMPClient.swf)

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for xmlsocket://socks.example.com -->
<cross-domain-policy>
<!-- This is a master-policy file -->
<site-control permitted-cross-domain-policies="master-only"/>
<!-- Instead of setting to-ports="*",
administrators can use ranges and commas -->
<!-- This will allow access to ports 123, 456, 457, and 458 -->
<allow-access-from domain="*" to-ports="*" />
</cross-domain-policy>

2) Flash players logs(using debug version of Flash player)

Error: Request for resource at xmlsocket://192.168.1.12:61613 by requestor
from [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url] is denied due to lack of
policy file permissions.
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/ladyguinn.swf[/url]
OK: Searching for <allow-access-from> in policy files to authorize data
loading from resource at xmlsocket://192.168.1.12:61613 by requestor from
[url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Policy file accepted: [url]http://192.168.1.12/crossdomain.xml[/url]
Warning: Timeout on xmlsocket://192.168.1.12:61613 (at 3 seconds) while
waiting for socket policy file. This should not cause any problems, but see
[url]http://www.adobe.com/go/strict_policy_files[/url] for an explanation.
Error: Request for resource at xmlsocket://192.168.1.12:61613 by requestor
from [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url] is denied due to lack of
policy file permissions.
OK: Root-level SWF loaded: [url]http://mail.google.com/a/sigmainfo.net/im/sound.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/ladyguinn.swf[/url]
OK: Root-level SWF loaded: [url]http://mail.google.com/a/sigmainfo.net/im/sound.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/bill.swf[/url]
OK: Searching for <allow-access-from> in policy files to authorize data
loading from resource at xmlsocket://192.168.1.12:61613 by requestor from
[url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Policy file accepted: [url]http://192.168.1.12/crossdomain.xml[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/bill.swf[/url]
OK: Searching for <allow-access-from> in policy files to authorize data
loading from resource at xmlsocket://192.168.1.12:61613 by requestor from
[url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Policy file accepted: [url]http://192.168.1.12/crossdomain.xml[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Root-level SWF loaded: [url]http://127.0.0.1/blackwells/bid/bill.swf[/url]
OK: Searching for <allow-access-from> in policy files to authorize data
loading from resource at xmlsocket://192.168.1.12:61613 by requestor from
[url]http://127.0.0.1/blackwells/bid/stompclient.swf[/url]
OK: Policy file accepted: [url]http://192.168.1.12/crossdomain.xml[/url]
Warning: Ignoring <site-control> tag in policy file from
[url]http://192.168.1.12:843/policyfile.xml[/url]. This tag is only allowed in master
policy files.
Warning: Domain 192.168.1.12 does not specify a meta-policy. Applying default
meta-policy 'all'. This configuration is deprecated. See
[url]http://www.adobe.com/go/strict_policy_files[/url] to fix this problem.
OK: Root-level SWF loaded: [url]http://192.168.1.12/blackwells/bid/stompclient.swf[/url]
OK: Root-level SWF loaded: [url]http://192.168.1.12/blackwells/bid/ladyguinn.swf[/url]
OK: Searching for <allow-access-from> in policy files to authorize data
loading from resource at xmlsocket://192.168.1.47:61613 by requestor from
[url]http://192.168.1.12/blackwells/bid/stompclient.swf[/url]
Warning: [strict] Ignoring policy file at xmlsocket://192.168.1.47:843 due to
incorrect syntax. See [url]http://www.adobe.com/go/strict_policy_files[/url] to fix this
problem.
Warning: Timeout on xmlsocket://192.168.1.47:61613 (at 3 seconds) while
waiting for socket policy file. This should not cause any problems, but see
[url]http://www.adobe.com/go/strict_policy_files[/url] for an explanation.
Error: Request for resource at xmlsocket://192.168.1.47:61613 by requestor
from [url]http://192.168.1.12/blackwells/bid/stompclient.swf[/url] is denied due to lack
of policy file permissions.


3) Setting below load policy files in stompclient.mxml

flash.system.Security.loadPolicyFile("http://" + server +
"/crossdomain.xml");
//flash.system.Security.loadPolicyFile("http://" + server +
"/policyfile.xml");
flash.system.Security.loadPolicyFile("xmlsocket://" + server +
":"+port);


4) we have also changed crossdomain.xml (this is using Schema instead of DTD
as <site-control > is not there in DTD)

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*" />
<site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

Can you tell me what are we are missing, still we are not getting messages.any
idea.

Regards,
Jigar