views:

487

answers:

1

Trying to call a WCF with a netTcpBinding via Silverlight, I am getting the error:

"TCP error code 10013: An attempt was made to access a socket in a way forbidden by its access permissions.. This could be due to attempting to access a service in a cross-domain way while the service is not configured for cross-domain access. You may need to contact the owner of the service to expose a sockets cross-domain policy over HTTP and host the service in the allowed sockets port range 4502-4534."

My WCF service is hosted in IIS7, bound to:

http://localhost.myserivce.com on port 80 and net.tcp on port 4502

I can see http://localhost.myserivce.com/myservice.svc if I browse to it (my hosts file is pointing this domain to localhost). I can also see http://localhost.myserivce.com/clientaccesspolicy.xml:

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
   <cross-domain-access>
      <policy>
         <allow-from http-request-headers="*">
            <domain uri="*" />
         </allow-from>
         <grant-to>
            <socket-resource port="4502-4534" protocol="tcp" />
         </grant-to>
      </policy>
   </cross-domain-access>
</access-policy>

What am I doing wrong?

+1  A: 

If you try to establish a TCP connection in port range 4502-4534, Silverlight will first post a request on port 943 to retrieve the client access policy file content - It won't read the file at http://localhost.myserivce.com/clientaccesspolicy.xml, because this is only for HTTP requests. You need to configure your server to listen on TCP port 943, expect a request string equal to <policy-file-request/> and reply with the xml file content.

The code below shows a basic implementation, you need to pass it a local IPEndPoint using port 943:

public class SocketPolicyServer
{
    private const string m_policyRequestString = "<policy-file-request/>";
    private string m_policyResponseString;
    private TcpListener m_listener;
    bool _started = false;

    public SocketPolicyServer()
    {
        m_policyResponseString = File.ReadAllText("path/to/clientaccesspolicy.xml");
    }

    public void Start(IPEndPoint endpoint)
    {
        m_listener = new TcpListener(endpoint);
        m_listener.Start();
        _started = true;
        m_listener.BeginAcceptTcpClient(HandleClient, null);
    }

    public event EventHandler ClientConnected;
    public event EventHandler ClientDisconnected;

    private void HandleClient(IAsyncResult res)
    {
        if(_started)
        {
            try
            {
                TcpClient client = m_listener.EndAcceptTcpClient(res);
                m_listener.BeginAcceptTcpClient(HandleClient, null);
                this.ProcessClient(client);
            }
            catch(Exception ex)
            {
                Trace.TraceError("SocketPolicyServer : {0}", ex.Message);
            }
        }
    }

    public void Stop()
    {
        _started = false;
        m_listener.Stop();
    }

    public void ProcessClient(TcpClient client)
    {
        try
        {
            if(this.ClientConnected != null)
                this.ClientConnected(this, EventArgs.Empty);

            StreamReader reader = new StreamReader(client.GetStream(), Encoding.UTF8);
            char[] buffer = new char[m_policyRequestString.Length];
            int read = reader.Read(buffer, 0, buffer.Length);

            if(read == buffer.Length)
            {
                string request = new string(buffer);

                if(StringComparer.InvariantCultureIgnoreCase.Compare(request, m_policyRequestString) == 0)
                {
                    StreamWriter writer = new StreamWriter(client.GetStream());
                    writer.Write(m_policyResponseString);
                    writer.Flush();
                }
            }
        }
        catch(Exception ex)
        {
            Trace.TraceError("SocketPolicyServer : {0}", ex.Message);
        }
        finally
        {
            client.GetStream().Close();
            client.Close();
            if(this.ClientDisconnected != null)
                this.ClientDisconnected(this, EventArgs.Empty);
        }
    }
}
orwell01