SharePoint 2010 and Silverlight

2
votes

We currently have a Silverlight application which is hosted in a SharePoint 2010 page. The Silverlight app makes web service calls to a another server on our domain, which has a clientaccesspolicy file in place. We are experiencing cross-domain issues in our production environment.

Users in the farm admin group can use the Silverlight application without any issues. However, all other users recieve the generic cross domain exception when they try to use this app. We have attached Fiddler to the process and noticed that the farm admins are served the clientaccesspolicy file, but that non-admin users are not. In fact, Fiddler does not ever show an attempt to load this file for non-admins.

This only happens in our production environment, which leads me to believe there is a web config or permission setting causing the issue. Unfortunately, I cannot find anything that backs this up.

Has anyone else run into this issue or know if such a setting exists?

1
silverlightsharepoint-2010
It is necessary to check whether users can access service and policy files directly. - vortexwolf
They can. I have had users test the URL's in their browser. They can hit the service URL and the policy file. They just can't access the Silverlight app when it is hosted in SharePoint. One point that I didn't initially make - the service in question is a simple WCF service executing a SELECT against an SQL Server. It is not the SharePoint web services. - James Smith
There is similar discussion: forums.silverlight.net/t/193638.aspx. Some other ideas: the policy file is cached by browser, or there is some mapping which masks the remote server as if it is a local server. - vortexwolf
I figured it out. It was a mistake on my part. I had to add the full machine name for the service url i.e. webserver.domain.com/service.svc. It was set to webserver/service.svc before. I still don't know why the farm admins could use the first URL but I'm not going to worry about it at this point. - James Smith
Maybe farm admins used this service on local machines, and had access to it because of some implicit url-mapping. Ok, post answer to your question yourself and accept it, it may help other people with similar questions. - vortexwolf

1 Answers

0
votes

See comments above. I had to change the URL to use the full machine name i.e. from webserver/service.svc to webserver.domain.com/service.svc. It solved the problem but doesn't answer the question about why the farm admins could access it. vorrtex's response is the best possible explanation I have seen so far.