Once you’ve developed and tested your Flex application locally, and you’re ready to share it with the rest of the world, you need to move it to a secured hosting environment. Usually, for simplicity and performance, enterprises deploy Java EE servers behind standalone SSL accelerators and load balancers. Sometimes it’s just an Apache server or similar appliance.

This means that the client sends the data via an SSL channel to such an SSL appliance configured on the edge of a firewall. The appliance authenticates the user and maintains the session, and in turn calls the application server running on the intranet via unsecured HTTP to minimize the CPU load on the application server.

In this setup, you have to use a secured endpoint on the client side and an unsecured endpoint on application server. You can configure the channel to use such a pair of endpoints in the services-config.xml file of BlazeDS, but this would require separate builds and configuration files for external and internal deployments. As an alternative, you might want to switch the channels and endpoints dynamically during the runtime, based on which protocol is being used: HTTP or HTTPS.

During the preInitialize event of the Flex application, you can apply a regular expression and find out whether it was started via a secure or nonsecure protocol (Example 6-34).

import mx.messaging.config.ServerConfig; private function preinitializeApplication() : void ...