How to pass Authorization header from Flex WebService?

Question

Hi,

I have Basic Authorization mechanism on the server for WSDL/SOAP. How I can send "Authorization" header through Flex WebService?

Simplified example:

var ws:WebService = new WebService();
ws.wsdl = "http://localhost:8000/api/service.wsdl"

var encoder:Base64Encoder = new Base64Encoder();
encoder.insertNewLines = false;
encoder.encode("SomeUser:SomePassword");

ws.httpHeaders = {AUTHORIZATION : "Basic " + encoder.toString()};

ws.loadWSDL();

var operation:AbstractOperation = ws.get_info;
operation.send();

And I'm getting an Error:

Error #2096: The HTTP request header AUTHORIZATION cannot be set via ActionScript.

Flex application and server are in the same domain. Also I have crossdomain.xml file in the root of my server (http://localhost:8000/crossdomain.xml) but it's never gets called by flex (I know from the log files). I will provide this file anyway:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"&gt;
<cross-domain-policy>
    <allow-access-from domain="*"/>
    <site-control permitted-cross-domain-policies="all"/>
    <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

Thanks, Zinovii

Answer 1

I've never had to do this before in Flex, but what version of the Flash plugin are you running? Version 9.0.115.0. completely blocks the use of that header, while later versions allow it with your crossdomain.xml configuration.