Silverlight can't talk to HTTPS web service?

Question

I've got a Silverlight app that talks to an HTTPS web service.

On most machines it works fine, however, on some machines it fails consistently.

On the machines it fails on, I receive a SecurityException when making a WebClient request to the HTTPS web service. The SecurityException itself doesn't give me any clues as to why it's really failing:

WebClient client = ...;
client.DownloadStringCompleted += OnCompleted;
client.DownloadStringAsyc("https://somewebservice/foo");

...

void OnCompleted(object sender, DownloadStringCompletedEventArgs e)
{
    Console.WriteLine(e.Error); // Prints SecurityException. Message = "Security error"
}

What are the possible reasons a Silverlight app will fail to call an HTTPS web service? How can I go about debugging this?

edit Still no answers -- is there any additional info I can give to help solve this problem?

Answer 1

We figured it out. The problem came down to cross-zone calls:

Our Silverlight app was hosted on foo.bar.com, which is in IE's regular Internet Zone (low trust).

Our web service was hosted on foo.ourcompany.com, which is in IE's Intranet Zone (high trust).

Silverlight apps cannot make web request calls from low security zones to higher security zones. See MSDN's article on Silverlight URL Access Restrictions for more information. In our case, going from Internet->Intranet was going from low trust to high trust, and so SL call failed with a SecurityException.

Opinion: Microsoft should provide information about why a SecurityException occurred during web request calls. This would have saved us much time and money.