Dealing with Silverlight and SSL and without SSL

Silverlight can without any problem talk to HTTP or HTTPS.

So if you do not know where will be deployed you’ll need to make sure your application will work well in both scenarios.

All your web services will need two configuration on the binding of the protocol.

<configuration>
    <system.serviceModel>
              
        <bindings>
            <basicHttpBinding>
                <binding name="BasicHttpBinding_SilverlightWebService" maxBufferSize="2147483647"
                    maxReceivedMessageSize="2147483647">
                    <security mode="None" />
                </binding>
              <binding name="BasicHttpBinding_SilverlightWebServiceSSL" maxBufferSize="2147483647"
                    maxReceivedMessageSize="2147483647">
                <security mode="Transport" />
              </binding>
            </basicHttpBinding>
        </bindings>

One for not security (None) and the other for SSL (Transport)

Second, you’ll have to create a class inheriting from the base proxy class of the service.

public class SilverlightWebServiceProxy : SLService.SilverlightWebServiceClient

Then detect if is in https and use the correct security model.

base.Endpoint.Contract.Name = base.Endpoint.Contract.Name + "SSL";

This is simple, yet you need to make sure all the resources that you accessed in HTTP are accessible in HTTPS.

Please make sure to use the correct clientaccesspolicy.xml that explicitly says that https is ok to access the resources, otherwise Silverlight will failed.

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
    <cross-domain-access>
        <policy>
            <allow-from http-request-headers="SOAPAction">
                <domain uri="http://*" />
                <domain uri="https://*" />
            </allow-from>
            <grant-to>
                <resource include-subpaths="true" path="/"/>
            </grant-to>
        </policy>
    </cross-domain-access>
</access-policy>

 

Hope this helps

Cheers

Al

Published Wednesday, June 03, 2009 9:26 PM by albertpascual
Filed under: , ,

Comments

# Dealing with Silverlight and SSL and without SSL - Al Pascual

Thursday, June 04, 2009 9:43 AM by DotNetShoutout

Thank you for submitting this cool story - Trackback from DotNetShoutout

# re: Dealing with Silverlight and SSL and without SSL

Thursday, June 11, 2009 9:39 AM by madact

Hi,

I have a silverlight application which works fine on my local system.But gives me error while hosted in IIS.

I have a Silverlight-Enabled WCF service in "MyProject.Web" project.A service reference in silverlight project is hosting that WCF.

(MyProject.Web and silverlight app are in same solution).Everything works fine on my localsystem.But the application fails in IIS throwing the following exception:

An error occured while trying to make a request to URI 'localhost/Service.svc'.This could be due to attempting to access a service in a cross-domain

way without a proper cross-domain policy in place, or a policy that is unsuitable for soap services.You may need to contact the owner of the service to publish a

cross-domain policy file and to ensure ita llows SOAP-related HTTP headers to be sent.Please see the inner exception for more details.

Can anyone please suggest how to overcome this error.I have added both policy files but I think they are not detected at all.Pls suggest where the files should be added or some other solution.

# re: Dealing with Silverlight and SSL and without SSL

Saturday, October 03, 2009 1:47 AM by ds r4

Thanx for the information. If i want to use SSL for silverlight, does that mean that I would have to need a certification from the server I want to connect.

Leave a Comment

(required) 
(required) 
(optional)
(required)