Silverlight Cross Domain Issue

I’m doing some Silverlight Development and I ran into a wacky issue (or so it seemed at the time).

The Silverlight app would connect to a Java Web Service and get some data (XML). The end result is that this Silverlight app will talk to Java Web Services and the xap file sit on a java web server and be downloaded to the client. During development its done on Windows Machines/VM’s (of course). However, when we connected to the service, it would bomb with a Security Exception as follows:

 

A first chance exception of type ‘System.ServiceModel.CommunicationException’ occurred in System.ServiceModel.dll

Additional information: An error occurred while trying to make a request to URI ‘http://example.org:7001/beans/TestWebServiceBean’. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. Please see the inner exception for more details.

At first glance this looks like an issue with the services clientaccesspolicy.xml file. But looking at the requests through fiddler or Web Dev Helper we can see that an HTTP success (200) was occurring for the requests of those files. They were coming back as expected.

 

CAS: True Smoke and Mirrors

The problem was due to the fact that we running Silverlight under the Test html page from the file system. So it would look something like this:

C:\SVNHome\path\to\project\Bin\Debug\TestPage.html

The Silverlight app would call a web service on the network or Internet. Them, BOOM all hell would break loose. Security exceptions flying around like snowflakes in Minnesnowta.

It looks like this was an issue with Code Access Security. Now I’m not exactly 100% sure where in the CAS stack this error occurred, but I do know that the local file was in a different zone than the Internet zone and when executing code in different zones you run into tons of CAS issues (SecurityExceptions). <Sarcasm>Read more about the super exciting world of CAS here </Sarcasm>. 

So I created a ASP.NET Web App and linked the Silverlight app with the Web App. I fired up the test page which now looks like this:

http://localhost:3399/SilverlightApplicationWevSvcTestTestPage.aspx

BOOM! The app worked just like it should have. Looks like a definite culprit of the deadly CAS. :)

:)

Android Dev Digest

Get the best Android Developer posts delivered weekly to your inbox.

Don't worry, I wont spam (I hate that stuff too).

  • karol cybul

    In my case this work only when I’ve clientaccesspolicy.xml in C:inetpubwwwroot.
    If xml is in this folder he is accesible from any place.