我开发Grails + BlazeDS服务器和Flex AIR客户端,并出现此错误消息: 检测到基于HTTP的重复FlexSession,通常是由于远程主机禁用会话cookie导致DuplicateSessionDetected异常。必须启用会话cookie才能正确管理客户端连接当使用https而不是http
谷歌搜索没有成功,因为我发现情况有所不同。 只有当Flex客户端通过https与服务器交互时,我才会遇到问题。
Flex客户端:
<s:ChannelSet id="userChannel">
<s:SecureAMFChannel uri="https://localhost:8443/Con/messagebroker/amfpolling" />
</s:ChannelSet>
按一下按钮在UI触发登录方法:
loginResult.token = channelSet.login(usernameInput.text, passwordInput.text);
而且完成了DuplicateSessionDetected例外。 :(
调查网络监控日志后,我发现从服务器接收到jsession饼干在接下来的请求到服务器没有设置:
从服务器响应(操作:client_ping)
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=F58F1ADA97E70915EF9E6E4EE1AEBE00; Path=/; Secure
Content-Type: application/x-amf
Content-Length: 173
Date: Sun, 23 Feb 2014 10:17:00 GMT
Flex Message (flex.messaging.messages.AcknowledgeMessageExt) clientId = EA18E8B9-951F-6F87-7B47-48B8B202EE75 correlationId = 7D2782C1-C8A5-41A3-2055-5E3F771424C8 destination = null messageId = EA18E8F6-9E0E-1FE4-0D26-6F0E602F5C5E timestamp = 1393150620542 timeToLive = 0 body = null hdr(DSMessagingVersion) = 1.0 hdr(DSId) = EA18E8B9-950B-4B42-EF70-369D656BA3F2
而旁边请求给服务器(登录操作)不jsession饼干:
POST /Conn/messagebroker/amfsecure HTTP/1.1
Referer: app:/BlazeDSClient.swf
Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, text/plain;q=0.8, text/css, image/png, image/jpeg, image/gif;q=0.8, application/x-shockwave-flash, video/mp4;q=0.9, flv-application/octet-stream;q=0.8, video/x-flv;q=0.7, audio/mp4, application/futuresplash, */*;q=0.5
x-flash-version: 12,0,0,68
Content-Type: application/x-amf
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows; U; en) AppleWebKit/533.19.4 (KHTML, like Gecko) AdobeAIR/4.0
Host: localhost
Content-Length: 299
Flex Message (flex.messaging.messages.CommandMessage) operation = login clientId = null destination = auth messageId = 7B47BBF2-08C0-0E41-5D88-5E3F76FA4882 timestamp = 0 timeToLive = 0 ***not printing credentials***
和服务器与新的会话cookie回答:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=03BD8347F9E9511C299B717DD55625C9; Path=/; Secure
Content-Type: application/x-amf
Content-Length: 535
Date: Sun, 23 Feb 2014 10:17:01 GMT
Flex Message (flex.messaging.messages.ErrorMessage) clientId = null correlationId = 7B47BBF2-08C0-0E41-5D88-5E3F76FA4882 destination = auth messageId = EA18F4A7-C80D-103B-F8D0-58B6F148F142 timestamp = 1393150621768 timeToLive = 0 body = null code = Server.Processing.DuplicateSessionDetected message = Detected duplicate HTTP-based FlexSessions, generally due to the remote host disabling session cookies. Session cookies must be enabled to manage the client connection correctly. details = null rootCause = null body = null extendedData = null
并再次 - 当使用非安全协议时,一切正常 - 会话cookie sevt登录操作服务器按预期。
我在Flex开发方面有一点经验,在触发通道登录请求时没有找到任何设置会话cookie的方法。你能帮助解决这个问题吗?
谢谢!
宙斯,谢谢你的回答。 Flex中是否有任何设置可阻止发送的client_ping,因为我没有在代码中触发此请求。我只是调用login()和Flex生成这些序列 - > client_ping,登录。 –
我猜,你的代码中的某个地方正在使用Blazeds Consumer订阅。您可以验证您的应用程序在登录之前是否没有“消费者”调用?也没有多个'Channelset'声明? – Zeus
是的,有消费者登录后订阅,但删除此代码并简化为只有登录操作后,它仍然回来,例外。顺便说一下,它使用HTTP而不是安全的协议。 –