CommunicationException with Silverlight and WCF Service

Question

I have a Silverlight 4 app that is hosted in an ASP Azure web role. The web role exposes a WCF service. (All this is in the same Visual Studio solution.)

I successfully added a reference to the service, and generated client code. However, it causes an error:

ExpenseServiceClient service = new ExpenseServiceClient();
service.GetExpensesCompleted += new EventHandler<GetExpensesCompletedEventArgs>(service_GetExpensesCompleted);
service.GetExpensesAsync();

The callback:

    static void service_GetExpensesCompleted(object sender, GetExpensesCompletedEventArgs e)
    {
        if (e.Error != null)
        {
            MessageBox.Show(e.Error.ToString());
            return;
        }

        // ...
    }

e.Error is the following:

{System.ServiceModel.CommunicationException: An error occurred while trying to make a request to URI 'http://localhost:88/ExpenseService.svc'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute.

Please see the inner exception for more details.

---> System.Security.SecurityException --->
System.Security.SecurityException: Security error.
   at System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult)
   at System.Net.Browser.BrowserHttpWebRequest.<>c__DisplayClass5.<EndGetResponse>b__4(Object sendState)
   at System.Net.Browser.AsyncHelper.<>c__DisplayClass2.<BeginOnUI>b__0(Object sendState)
   --- End of inner exception stack trace ---
   at System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback beginMethod, Object state)
   at System.Net.Browser.BrowserHttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)
   --- End of inner exception stack trace ---
   at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.ClientBase`1.ChannelBase`1.EndInvoke(String methodName, Object[] args, IAsyncResult result)
   at ExpenseCalc_SilverLight.ExpenseService.ExpenseServiceClient.ExpenseServiceClientChannel.EndGetExpenses(IAsyncResult result)
   at ExpenseCalc_SilverLight.ExpenseService.ExpenseServiceClient.ExpenseCalc_SilverLight.ExpenseService.IExpenseService.EndGetExpenses(IAsyncResult result)
   at ExpenseCalc_SilverLight.ExpenseService.ExpenseServiceClient.OnEndGetExpenses(IAsyncResult result)
   at System.ServiceModel.ClientBase`1.OnAsyncCallCompleted(IAsyncResult result)}   System.Exception {System.ServiceModel.CommunicationException}

Both of these are running on localhost. What am I doing wrong?

Answer 1

You tagged this as Azure but say you are running on localhost?

Answer 2

I don't know much about SilverLight, but I've come across mention of cross domain policies when talking about deploying SilverLight apps that use Azure storage. My Google foo is weak, but you might try one of these links.

Answer 3

Silverlight expects a ClientAccessPolicy.XML file to be present whenever it makes calls that in considers to be "cross domain" (worded that way b/c its fairly strict). Have you set that up? I'm not a SL expert, but that error normally arises when the policy file is not present.

Easy way is to create one at root of your site, so http://localhost/clientaccesspolicy.xml

A pretty loose "allow all" file is something like:

<?xml version=""1.0"" encoding=""utf-8""?>
<access-policy>
    <cross-domain-access>
        <policy>
            <allow-from http-request-headers=""*"">
                <domain uri=""*""/>
            </allow-from>
            <grant-to>
                <resource path=""/"" include-subpaths=""true""/>
            </grant-to>
        </policy>
    </cross-domain-access>
</access-policy>

For more complex scenarios (as may arise in Azure, depending on your architecture), you can create an IIS handler to serve up the expected XML, which allows for dynamic creation of the policy based on the request.

There are plenty of resources on this approach should you decide to go for it, but I'd recommend trying to simple one first to make sure that's the issue.