mod_socket_policy_server is an Apache™ module for serving Adobe® socket policy files.
Adobe Flash Player (since version 9.0.124.0) will not open a socket connection
to a server unless the server first authorizes the connection via an Adobe
socket policy. This module serves these policies. (Adobe uses a non-standard
protocol for serving these policies, hence the existence of this module.)
Among other applications, the ability to create a listening socket is useful
for sending real-time updates to web applications (the server can push data to
the listening socket instead of waiting for the client to poll and pull).
Download
Source files and compiled packages are available in the Downloads directory.
Install
On Debian systems:
On other Linux systems:
On Windows:
- Download libapache2-mod-socket-policy-server_0.0.8.zip
- Copy the contents of the modules directory to your modules directory.
- Copy the contents of the configuration files to your configuration file.
- Copy a socket policy from the configuration directory to your configuration directory.
- Please note that the module has not been tested on systems other than Debian. If something doesn't work, please let me know!
Configure the server
The default configuration is well-commented. You can the find the default configuration in:
/etc/apache2/mods-available/socket-policy-server.conf
- Configure Apache2 to listen on port 843.
/etc/apache2/sites-available/socket-policy-server
- Set the value of SocketPolicyServer to enable or disable the module for the default VirtualHost.
- Set the value of SocketPolicyFile to the default socket policy file for the default VirtualHost.
/etc/apache2/sites-available/...
- (Optionally) Create one or more virtual hosts.
- Set the value of SocketPolicyServer to enable or disable the module for each virtual host.
- Set the value of SocketPolicyFile to enable or disable the module for each virtual host.
Test the server
When using the default configuration on Debian, you can test the installation using:
- printf "<policy-file-request/>\0" | netcat 127.0.0.1 843
And the server should respond with the configured socket policy. If the server does
not respond as expected:
- Check that the module is installed.
- Check that the module is loaded.
- Check that the server is listening on the desired ip address and port.
- Check that the module is enabled for the desired virtual host.
- Check that the SocketPolicyFile is configured for the desired virtual host.
- Check that the SocketPolicyFile is accessible by the web server.
- Setting LogLevel Debug for the Apache2 server and checking the Apache2 logs may be helpful.
Configure the socket policy
Adobe socket policies are configured using XML. A selection of
pre-configured socket policies are available in
/usr/share/libapache2-mod-socket-policy-server/socket-policy/
permitted-cross-domain-policies-none.xml
- Does not allow cross domain policies to be served.
- Is the most restrictive socket policy.
- Is the default socket policy for this module.
permitted-cross-domain-policies-by-content-type.xml
- Allows cross domain policies to be served, but only when the policy is served with Content-Type: text/x-cross-domain-policy
permitted-cross-domain-policies-by-ftp-filename.xml
- Allows cross domain policies to be served, but only when the URL ends with /crossdomain.xml
permitted-cross-domain-policies-all.xml
- Allows any file to be served as a cross domain policy file.
For more information about socket policies in particular, and cross domain
policies in general, refer to the
Adobe Cross Domain Policy File Specification.
Copyright © Rock Solid Innovations, LLC.
Website by Rock Solid Solutions, LLC.
Legal.