Silverlight 2.0 and WCF

Having had some time to digest all the news from MIX08 I am working on converting a Silverlight 1.1 project to Silverlight 2.0. One of the major changes is to move from ASMX services to WCF services. Now, that cross-domain access is possible and with WCF inherently being more complex there are a lot of failure points.

So, having spend probably a total of 8 hours on updating the structure of the new project and deploying it to a production environment I thought I'd share this with you so you don't have to spend that much time. Since most of the time spent had to do with deployment and WCF configurations I will focus on that.

The 3 main challenges I needed to figure out were...

  1. Windows authentication versus Anonymous authentication. This is solely WCF and doesn't have to do with Silverlight directly.
  2. Cross-domain access. This is important when troubleshooting your service, which has been deployed to production, and referencing it within your local Visual Studio Silverlight project.
  3. Asp.net Compatibility. Again, WCF only configuration.

1. Windows vs. Anonymous authentication.

By default, WCF requires you to have your IIS virtual directly configured to be accessible anonymously. However, if you do some kind of domain related stuff you need your IIS virtual directly to be configured to be Windows Authentication. Here is the code to update your web.config file of the WCF web application.

<system.serviceModel>

        <bindings>

            <basicHttpBinding>

                <binding name="MyBinding">

                    <security mode="TransportCredentialOnly">

                        <transport clientCredentialType="Windows" />

                    </security>

                </binding>

            </basicHttpBinding>

        </bindings>

        <behaviors>

            <serviceBehaviors>

                <behavior name="DesignDBServiceBehavior">

                    <serviceMetadata httpGetEnabled="true"/>

                    <serviceDebug includeExceptionDetailInFaults="false"/>

                </behavior>

            </serviceBehaviors>

        </behaviors>

        <services>

            <service behaviorConfiguration="DesignDBServiceBehavior" name="DesignDBService">

                <endpoint

                    address=""

                    binding="basicHttpBinding"

                    contract="IDesignDBService"

                    bindingConfiguration="MyBinding">                   

                </endpoint>               

            </service>

        </services>

        <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>

    </system.serviceModel>

2. Cross-domain access.

I mainly just needed to get this working because I tried to debug my local SL project having referenced and external cross-domain WCF service. In order to get this working you need to put a "clienataccesspolicy.xml" in the root of your IIS server. This is usually at C:\inetpub\wwwroot. If the file is there and granted the file allows your local domain of your SL project access, Silverlight will automatically acknowledge the file and give access. So, there is nothing you need to do within Silverlight. HOWEVER, MAKE SURE TO RESTART IIS. THE FILE IS NOT RECOGNIZED RIGHT AWAY.

<?xml version="1.0" encoding="utf-8"?>

<access-policy>

  <cross-domain-access>

    <policy>

      <allow-from>

        <domain uri="*"/>

      </allow-from>

      <grant-to>

        <resource path="/" include-subpaths="true"/>

      </grant-to>

    </policy>

  </cross-domain-access>

</access-policy>

3. Asp.net Compatibility

This involves two steps

1. Change to the web.config file of the WCF web application.

<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>

   add this line into the root of <system.serviceModel>.

2. Adding of a class property of the service class, not the service interface.

using System;
using System.ServiceModel;
using System.Configuration;
using System.Web;
using System.Web.Configuration;
using System.ServiceModel.Configuration;
using System.Text;
using System.Security.Principal;
using System.ServiceModel.Activation;
using System.Collections.Generic;


using System.Linq;

[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class DesignDBService : IDesignDBService
{

41 Comments

  • Thank you for this - I'll be checking this out soon and hoping that it solves my error as well!

  • Dear Tolga,
    I am still getting this security error trying to call my WCF web service from my silverlight 2 application. Here is the error.
    I made the change you said was required for WCF to use windows authentication, but I still get the same error. I have also setup a ICrossDomainPolicyResponder but that didn't work either. Can you help me please?
    {System.ServiceModel.CommunicationException: An error occurred while trying to make a request to URI
    'http://localhost:3429/OperatorAccountService.svc/main'. This could be due to a cross domain configuration error.
    Please see the inner exception for more details. ---> System.Security.SecurityException: Security error.
    at MS.Internal.InternalWebRequest.Send()

  • Hi

    I made a simple wcf service hosted in iis. I am trying to call it in silverlight 2 application. I added crossdomain.xml, clientaccesspolicy.xml in the root of service folder.

    The service is accessed anonymously i and also followed the third step.

    Still i get an exception of type 'System.ServiceModel.ProtocolException'.
    Additional information: The remote server returned an unexpected response: (404) Not Found.

    can you tell what i am missing ?

  • How can I pass some information between client and server for all calls. Well, I may be asking a wrong question. I read many online articles about WCF security and Sliverlight. They sound like they are all talking about how to authenticate a client. In my case, it's ok to allow anonymous access to all end points. But if a record can be returned or an operation should be performed is determined in code, by the user name and password provided in a context object, which was input at the first time a user signed in and attached automatically (through a static member in the framework, I guess) to each call to the service.
    Could you point me out the solution in Silverlight 2?

  • In my application, it is ok to allow anonymous access to all end points. But the logic determining if a certain operation can be preformed is in code, by user information provided in a context object. Could you point me out the solution to pass user information automatically for each service call?

  • Hello everyone:

    I apologize for not getting back to you guys earlier. I feel you pain, since it has been mine for days as well. All I can tell you is that what I posed works.

    for some of you it seems like the issues are within WCF.

    I recommend isolating the issue...

    1. Create a regular web app and try to consume the WCF services you created.
    2. Create a silverlight project WITH an web application. Build the same WCF service within the Silverlight host web site and run it. Cross domain erros should not appear here, since the Silverlight project and the hosting web project are part of the same solution.
    3. Try to consuem the first WCF you created. It needs to be hosted in IIS with the crossdomain.xml file in the root. In my case...wwwroot.

    Good luck

    --tolga

  • We have to put the crossdomainpolicy.xml file in the folder C:/Inetpub/wwwroot and host the WCF Web application in IIS by going to properties window of WCF Web Application project, select the Web tab and select the option "Use IIS Web Server". This has to be done in case our WCF service is hosted on a remote machine other than the client app machine....It worked for me...

  • OxjAUy Major thankies for the blog post.Really looking forward to read more. Much obliged.

  • 6PmsNz I really liked your blog article.Really looking forward to read more. Keep writing.

  • I've been surfing online more than 3 hours today, yet I never found any interesting article like yours. It is pretty worth enough for me. In my view, if all web owners and bloggers made good content as you did, the net will be much more useful than ever before.

  • ysk2Cd Im obliged for the article post.Much thanks again. Really Great.

  • I'm impressed, I have to admit. Rarely do I encounter a blog that's
    equally educative and entertaining, and let me tell you, you've hit the nail on the head. The issue is something not enough men and women are speaking intelligently about. Now i'm very happy I found this during my search for something
    relating to this.

  • I'm amazed, I must say. Rarely do I come across a blog that's both educative and engaging, and let me tell you, you have hit the nail on the head.
    The problem is an issue that not enough men and women are speaking intelligently about.

    I'm very happy I found this in my hunt for something concerning this.

  • It is actually a nice and helpful piece of info. I'm satisfied that you just shared this helpful information with us. Please keep us up to date like this. Thanks for sharing.

  • I'll immediately take hold of your rss as I can't find your e-mail subscription link or e-newsletter service.
    Do you've any? Kindly permit me understand so that I could subscribe. Thanks.

  • At this time it seems like Drupal is the top blogging platform out there right
    now. (from what I've read) Is that what you are using on your blog?

  • Having read this I believed it was very informative.
    I appreciate you finding the time and energy to put this informative article together.
    I once again find myself spending a lot of time both reading
    and posting comments. But so what, it was still worth it!

  • Do you have a spam issue on this website; I also am a blogger, and I was curious about
    your situation; we have created some nice methods and we are looking to
    exchange methods with others, be sure to shoot me an e-mail if interested.

  • You actually make it seem so easy with your presentation but I find this matter to be actually
    something which I think I would never understand.
    It seems too complicated and very broad for me. I'm looking forward for your next post, I'll try to get the hang
    of it!

  • Hi there! I know this is somewhat off-topic but I had to ask.
    Does running a well-established website such as
    yours take a lot of work? I'm brand new to writing a blog however I do write in my diary everyday. I'd like to
    start a blog so I can easily share my personal experience and views online.
    Please let me know if you have any ideas or tips for
    new aspiring bloggers. Appreciate it!

  • you're actually a good webmaster. The site loading velocity is incredible. It kind of feels that you are doing any distinctive trick. Moreover, The contents are masterpiece. you've performed a wonderful
    task in this subject!

  • I delight in, lead to I found just what I was looking for.
    You have ended my four day lengthy hunt! God Bless you man.
    Have a nice day. Bye

  • I always spent my half an hour to read this website's posts daily along with a cup of coffee.

  • obviously like your website but you need to check the spelling
    on quite a few of your posts. Several of them are rife with spelling problems and
    I find it very bothersome to inform the reality nevertheless I will certainly
    come back again.

  • Hi there, I enjoy reading all of your article post.
    I like to write a little comment to support you.

  • Keep on writing, great job!

  • Hello my friend! I wish to say that this article is awesome, nice written and come with approximately all vital infos.

    I would like to peer extra posts like this .

  • Excellent blog here! Also your web site loads up
    fast! What host are you using? Can I get your affiliate link to your host?
    I wish my site loaded up as quickly as yours lol

  • It's remarkable to go to see this site and reading the views of all mates regarding this article, while I am also eager of getting experience.

  • It is perfect time to make some plans for the longer term and it is
    time to be happy. I've read this put up and if I may I wish to recommend you some attention-grabbing issues or tips. Perhaps you can write subsequent articles referring to this article. I want to read more things approximately it!

  • I'm amazed, I have to admit. Seldom do I come across a blog that's equally educative and entertaining,
    and without a doubt, you have hit the nail on the head.

    The problem is something not enough people are speaking
    intelligently about. Now i'm very happy that I found this in my search for something relating to this.

  • It's difficult to find educated people on this subject, but you sound like you know what you're talking about!
    Thanks

  • We are a group of volunteers and opening a new scheme in our community.

    Your web site offered us with valuable info to work on.
    You've done an impressive job and our entire community will be grateful to you.

  • Hey very nice blog!

  • Appreciating the dedication you put into your site
    and detailed information you present. It's great to come across a blog every once in a while that isn't the same outdated rehashed material.
    Excellent read! I've saved your site and I'm adding your RSS feeds to my
    Google account.

  • Its like you read my mind! You appear to know a lot about this,
    like you wrote the book in it or something. I think that you could do with
    a few pics to drive the message home a little bit, but instead of that,
    this is great blog. An excellent read. I will
    definitely be back.

  • I am really grateful to the holder of this web site who has
    shared this great post at here.

  • I don't create a bunch of responses, however I looked at a few of the comments on Silverlight 2.0 and WCF - Tolga Koseoglu. I actually do have a couple of questions for you if it's okay.

    Is it only me or do some of the responses come
    across like they are written by brain dead visitors? :-P And, if you are posting on other
    places, I'd like to follow you. Would you list of the complete urls of all your social sites like your linkedin profile, Facebook page or twitter feed?

  • This design is spectacular! You certainly know how to keep a
    reader amused. Between your wit and your videos, I was almost moved to start my own
    blog (well, almost...HaHa!) Excellent job. I really enjoyed what
    you had to say, and more than that, how you presented it.
    Too cool!

  • ScfqY9 This is one awesome article.Really looking forward to read more. Will read on...

  • JKLqFU I really liked your article post. Cool.

Comments have been disabled for this content.