Accessing SharePoint Web Services over Silverlight

4
votes

I have a problem to access SharePoint Webservice over Silverlight.

An error occurred while trying to make a request to URI 'http://sample:8000/_vti_bin/Authentication.asmx'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. Please see the inner exception for more details.

Some questions:

  1. How do I correctly deploy clientaccesspolicy.xml over Sharepoint Designer? Simply open site in designer, add file and then publish?
  2. The site where clientaccesspolicy.xml should be deployed use forms authentication. I wasn't able to use Sharepoint Designer to publish there. Because of that, I created new zone for this site, which use Windows Authentication and published clientaccesspolicy.xml there. Both use same content database, didn't ?
  3. If clientaccesspolicy.xml will be published, how can I allow this file be accessed anonymously?

Regards Anton Kalcik

5
silverlightweb-servicessharepoint
I wasn't able to access the file anonymously. What I did was I created "Silverlight-enabled WCF Service" which act as proxy between Silverlight application and SharePoint web services.Anton Kalcik

5 Answers

1
votes

Here answers to my question 1. and 2.:

  1. In Sharepoint Designer you open the site over: File -> Open Site -> In text field "Site name:" type URL of your site. Than drag & drop clientaccesspolicy.xml in root of your site.
  2. If you have Form Authentication, you don't need for this step create new zone (but for some reasons it can be useful). You simply open web browser and type URL of your site. Then fill up text fields (always with user that have administrator privileges) and check "Sign me in automatically". After that will Sharepoint designer use this credentials for specified URL.

If you can help me with question Nr. 3, or you have some other solution, how can I access clientaccesspolicy.xml from Silverlight, post it!

1
votes

The way we handled this on our project was to use an HTTP Handler. We put the clientaccesspolicy.xml file in the _layouts directory (which is shared across sharepoint sites) using a feature (you can also just manually copy it there).

Then we added our HTTP handler to the web.config handlers section. In our handler we check to see if the request is for /clientaccesspolicy.xml and if so we rewrite the path:

if (path.ToLowerInvariant() == "/clientaccesspolicy.xml")
{
    HttpContext.Current.RewritePath("/_layouts/clientaccesspolicy.xml");
}

I'm not sure if this will bypass the security so it might not fully address your issue. But at least it gives you a method to access this file.

0
votes
  1. That is fine.
  2. It should be, provided you haven't setup a whole new site somehow.
  3. It shouldn't be as that would be a security risk. If you need to authenticate via WindowsAuth for the services so should you for the clientaccesspolicy.xml.
0
votes

Keep in mind that clientaccesspolicy.xml must be at the domain root. In your example it would have to availble from http://sample:8000/clientaccesspolicy.xml. If you can't open it from your browser at that URL, your Silverlight client won't find it either.

The easiest way to get the file in the right place is to just copy it there via FTP or explorer. The file should be available to anonymous users (read only of course).

0
votes

I find more realeable way to implement sharepoint httpHandler: it returns all content of clientaccesspolicy.xml himself

        public void ProcessRequest(HttpContext context) {
        if (context.Request.Path.ToLowerInvariant() == "/clientaccesspolicy.xml")            {
            context.Response.Write(@"<?xml version='1.0' encoding='utf-8' ?><access-policy><cross-domain-access> "+
            @"<policy> <allow-from http-request-headers='*'> <domain uri='*' /> </allow-from> <grant-to> "+
            @"<resource path='/' include-subpaths='true' /> </grant-to> </policy> "+
            @"</cross-domain-access> </access-policy>");
        }
    }