I am running a Tomcat 6 server configured to use port 7787.I have to post data from a Silverlight app to a servlet running on this server.Ofcourse this is crossdomain so it requires me to have clientaccesspolicy.xml in the root.
I have seen various questions about this here and on the web and all have the same answer.To put the xml in webapps/ROOT.This works if I try to access the xml via
http://somedomain/
However since the servlet is running on port 7787 I have to post to somedomain:7787 and thus Silverlight tries to find the xml under
http://somedomain:7787/
This is unsuccesfull.
I am sure that Silverlight does indeed check somedomain:7787 for the xml as I used Firebug to confirm it.Is there anything in Tomcats configuration I can change or somewhere else I can place the xml so Silverlight can find it under port 7787.Or is there perhaps something I can change on the Silverlight side where the POST is being done?
On Windows machine simply copy the two security files to Tomcat's webapps/ROOT folder
As long as you can get response from ...:7787/crossdomain.xml, anyway solution is OK.
Looks like Silverlight only cares about the response.
I created a Silverlight client and it is OK to get response both from WCF service and Tomcat.
Related
I have a SL navigation application, that currently runs on a shared hosting package with a 3rd party ISP. I can login, and register using the ASP.NET membership and role providers.
I have now setup a dedicated server, on which only my app will run. It does not yet have a domain name that points to it... I access it via an IP address.
I've copied the entire site (including the ClientBin and all the XAP's) to the new server, but the Authentication and Registration services don't work... they just return NotFound.
When I check Fiddler on the working site, this service is called :
www.myaddress.com/ClientBin/MyApp-Web-AuthenticationService.svc/binary/Login
which of course succeeds. However, on the other site, the fiddler trace looks the same (because I just copied the site) :
123.123.123.123/ClientBin/MyApp-Web-AuthenticationService.svc/binary/Login
but, the call fails with NotFound. Fiddler reports it as HTTP/1.1 500 Internal Server Error. When I open
http://localhost/ClientBin/MyApp-Web-AuthenticationService.svc/binary/Login
on the server, I get the HTTP/1.1 500, as well as this description :
Handler "svc-Integrated" has a bad module "ManagedPipelineHandler" in its module list
Which leads me to believe that there is something wrong with my IIS config, as the exact same code is working on another system.
What is a "bad module"? How do I fix it?
Normally this type of error is that ASP.Net is not activated or that a handler for svc is not registered or registered correctly.
In your case is looks a bit different. It could be that you have .net framework 4.0 code that you are trying to run in a .net framework 2.0 application pool.
IIS 500 errors often show up with more information in the Windows Event log - if you can somehow get access to that?
Also I've noticed that often the server will actually send debugging output back to the client that everything seems to ignore. Have you checked the entire raw response that is coming back from the server to see if there are any clues there?
I have a client who installed our silverlight app recently. it works fine from their server itself. but when they try to run it from a client, they can log in through the aspx login page, but on the main page, which hosts the tag and the .xap file, they see absolutely nothing!
I cannot see their screens, just get occasional screenshots via email and cross my fingers that they are typing the URL I tell them to. Even Shareview is not working for them - they can see my screen but I cannot see theirs.
So I am pleading - help! Please throw out some wacky ideas. I just learned an hour or so ago that they did not even have silverlight installed, so the mornings debugging effort was a waste of time. So who knows what the next fascinating source of problems is?
Here is the user-agent info. Oor app is .net 4.0 could that be the problem? It does noty look to my untrained eye that the client supports 4.0 (from the web server log):
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.30;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 401 3 5 0
Getting closer - I see that the GET request for the XAP is returning 401 - not found! What would do that?
It's very possible that they are blocking XAP files either directly or indirectly at the firewall. XAP files are simply ZIP files and inspection-based firewalls tend to look at these as a security risk. You may want to see if they can setup an exception in their rules.
Hmm..
1) check if your client access the good url. Request their IP address, then check the web server logs. ie: are they requesting the good url, are they downloading the xap? (check if they use a proxy, too?)
2) check that they restarted their browser after installing the Silverlight runtime.
3) Do you handle the UnhandledException event for your Application class? If no, use it to send detailed exception logs to your server on application crash.
4) Use javascriptto initialize your Silverlight application. This way, you can be notified if the runtime fail to start, (for example if it failed to load the xap file) You can use ajax to report the issue to the webserver.
I have a Silverlight 4 application that I am running embedded on a web page. I would like to allow the Silverlight client to download a settings file by doing something like:
Uri url = new Uri(#"config\settings.xml", UriKind.Relative);
WebClient client = new WebClient();
client.DownloadStringCompleted += new DownloadStringCompletedEventHandler(client_DownloadStringCompleted);
client.DownloadStringAsync(url);
But ideally, I want to return a 403 Forbidden error if the user tries to access the file directly in a browser by visiting http://www.mywebsite.com/config/settings.xml
Is this possible using .htaccess?
Accessing the file from Silverlight or from a web browser looks the same to a web server, so there's not much you can do to guarantee users won't gain access. The best you can do is obfuscate the steps it takes to get the file.
One thing you could do is to turn on HTTP Watch/Firebug/Wireshark and see if the Silverlight client sends any special HTTP headers identifying that it's Silverlight making the web requests. If you can identify something unique, you can configure your web server accordingly so that only requests with that header are allowed.
If there is no such header, another option is to use some sort of authentication. The credentials would be stored in the Silverlight client, so it wouldn't really be that secure, but again, you'd be obfuscating how to get the file.
You could also choose to compile the file into the client instead of accessing it over the web.
Edit:
It doesn't look look like Silverlight sends any identifying headers. You could always append headers to your requests "manually" through your code.
Silverlight will retrieve data via a http request, as it is run client side. There will always be a way to access that file, unless Silverlight can use a custom http agent (which I could not find any reference to), then you can not restrict access.
I have a silverlight business aplication that gets data from silverlight enabled webservice.
When I run the application in dev environment, it works fine.
when i deploy the application and the Asp.net web development server is working, then to the application works fine.
But when I stop the development server, the application can't access a service.
My questions are:
When I deploy a silverlight business application, doesn't the service get deployed and get started.
The endpoint address in my ServiceReferences.Clientconfig file is endpoint address="http://localhost:9702/MyWebservice.scv. Do I need to change this?
The enpoint address in the web.config is blank.
Appreciate your help
Because the WCF client code is declared as a "partial" class, what I've been doing to this point is creating another c# partial class file to host a GetClient() method on it. You'll notice that the code is taking into account the port that the service is on... in a few of the environments that I've posted or will be posting to, as well as the development environment, the application is not always on port 80.
Namespace Project.Service
{
public partial class ServiceClient
{
public static ServiceClient GetClient()
{
return new ServiceClient("CustomBinding_Service",
new System.ServiceModel.EndpointAddress(new Uri(string.Format("{0}://{1}:{2}/Services/Service.svc",
Application.Current.Host.Source.Scheme, Application.Current.Host.Source.Host, Application.Current.Host.Source.Port), UriKind.Absolute)));
}
}
}
Hope this helps someone!
Yes you are going to want to change your endpoint address. I recommend doing it in the silverlight code when creating the connection to the WCF service. The service itself lives on the web server, whereas the silverlight application lives on the clients computer. If the web server stops, the web service stops but the silverlight app can keep running.
edit:
To do this in code, as long as the path is always in the same domain as the app you can use do like so:
BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.None) //Use whatever security you need here
{
MaxReceivedMessageSize = int.MaxValue,
MaxBufferSize = int.MaxValue
};
Client client = new Client(binding, new EndpointAddress(new Uri(Application.Current.Host.Source, "../MyService.svc")));
Thanks so much for your help. I tried your approach to create the client code but that didn't work. And that's because the problem seems to be somewhere else.
So I installed fiddler to see the traffic.
Fiddler showed that the service was being accessed but the http response code was 302 showing that there was some redirection involved.
The address of my application is like this http:///Silverlightapp/(S(oirppxrwzhlf2a2vbia1ui45))/Default.aspx#/Home and it is hosted on IIS 6.
So I had to employ a workaround by installing the service on machine with IIS7 (and there was no session id involved like in the above url).I still kept the silverlight application hosted on IIS 6.
Anyway, in summary, to anyone who reads the thread, I did the following to troubleshoot and solve issue(temporarily)
Changed the end point address in the ServiceReferences.ClientConfig file. When you add the service using discover option in VS, the endpoint address is of the localhost and this must be changed.
Registered the service model using ServiceModelReg -i command. (this solved my problem that my applicaiton was only working from development server and not IIS)
-Put the CrossDomain and ClientAccessPolicy files in c:]inetpub\wwwroot folders.
-Used fiddler to look at http response codes. I had to do no configuration in fiddler.
Changed the binarymessageEncoding to textMessageEncoding iin the web.config file of the silverlight web project that also hosted the ecf service. I did this becasue adding a silverlight enabled wcf service creates a custom binding configuration in the web.config file by default uses binary encoding. I needed text encoding to see errors in fidder. But this didn't help much becasue I only saw the name of the operation in the Inspector>xml tab in fiddler. This was the same even after my issues was resolved by workaround.
Thanks for the help
Don't do it in code. Otherwise you won't be able to change it later without recompiling the application (when the address will need to change, perhaps years down the road when you've lost the source code :)
Change the address in ServiceReferences.ClientConfig to where the service is actually hosted... e.g. http://example.com/myVdir/MyWebservice.svc
If later on you need to change the address without recompiling:
- Open the .xap file (it's just a zip file with a different extension)
- Find the .ClientConfig file and change the address
- Put it back together as a .zip file and rename to .xap
Also, I can't remember anymore whether the .ClientConfig supports relative addresses (e.g. just "MyWebService.svc"), but if it does it may be a good solution as well.
I'm working on trying to ftp a file to the server through a silverlight application. Where the location to upload the file on server file system, exists outside the sandbox area for the web server. In this case the web server root exists at "C:\test\www\" and the location to upload the file will exist at "C:\User\Uploads". In this scenerio i'm not sure if Http POST will work (doesn't that use the web server root). I just need to upload the file selected by the user to a different location that may exist outside the sandbox. With silverlight i'm thinking sockets are my last option based on the limited port range for silverlight being 4502-4532. Can i do this using WebClient and Http POST? Can i make an ftp connection through silverlight or javascript?
This is an interesting scenario, since it sounds like you are doing this all on the same machine (both client and server). I am responding to the vague original question, and would love additional data to help answer this completely.
FTP uploading itself is not supported by Silverlight, but the concept of uploading a file is, through an HTTP stream of data.
If you want to do an HTTP upload from a client machine to the server: You can use the OpenFileDialog control in Silverlight 2 and 3 to read that data, then use WebClient to upload it.
If you want to do a download from something your web server can send, to the client machine, then you'd need to use Silverlight 3 or newer, which features a SaveFileDialog control.
All Silverlight file dialogs require a user-initiated action for them to work, function, and the user will need to select the file name(s) for security purposes.
Hope this helps!
Assuming your server is ASP.NET based I would use a simple WebClient POST into a .ashx handler. Have the handler write the body of the post to a file in "C:\User\Uploads".
As long as the ftp server is on the same host as the silverlight app you can use sockets and code your own ftp client, its not very hard and there's plenty of examples out there.
In the meantime, name it Silverlight 5, Sockets got an update: with ClientAccessPolicy.xml the port-range got boosted and an in-browser elevated-trust mode is available.
Therefore I've created sharpLightFtp to enable rudimental Ftp.