I've been looking all over the site and on stack overflow and I just can solve my issue.
Network Setup
The way my network on my staging world is that I have clients looking at my web app on a 443 port - https, but the underlying structure is listening on 80 port - http. So when my apps talk to each other its on port 80, but when the clients visit the site its port 443. So for example, my svc called from silverlight would be on port 80.
I should also point out that on my staging and test domains: I have a web server acting as a portal to my app server; but this shouldn't really matter since I was able to get this working on test. It's just that staging has the HTTP forwarding to HTTPS.
Application
I have a silverlight xap file that is on the same domain as my hosted web application using IIS 6.
Now since my silverlight xap file and my web application are on the same domain, I have no problems running this on dev and test, but when I try to deploy to staging I'm getting a weird cross domain reference problem:
"System.ServiceModel.CommunicationException: An error occurred while trying to make a request to URI . This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for Soap services."
Digging around, I realize that my app thinks that my xap (or the service I'm calling) and my web app are on a different domain, and looks for the crossdomain.xml and clientaccesspolicy.xml files automatically, I can't really stop it. However, in my application, this is not the case. They both reside on the same domain. I have used fiddler and I didn't see anything about another domain or even a subdomain for that matter.
Browser Issues
Another weird thing that I found out is an issue with chrome vs ie:
On chrome it finds the crossdomain.xml and clientaccesspolicy.xml telling me its insecure, then it does another fetch from the https side, signalling a 404 error. However, on IE I'm getting a 302 redirect. On microsoft's doc about clientaccesspolicy.xml you aren't supposed to do any redirects from the xml file; this is mentioned here: http://msdn.microsoft.com/en-us/library/cc838250(v=vs.95).aspx
So my question is, if my app and xap are on the same domain, why are those xmls trying to get fetched? Is it because I'm using a DNS instead of an IP address? I also stumbled upon this site: http://msdn.microsoft.com/en-us/library/ff921170(v=pandp.20).aspx
It states: To avoid cross-domain call issues, the remote modules' XAP files should be located on the same domain as the main application; when deployed like this, the Ref property on the ModuleCatalog should be a Uniform Resource Identifier (URI) relative to the main XAP file location on the Web server.
What does that even mean??
EDIT
Okay so I changed the services to point to https instead of http. However new error comes out: The provided URI scheme 'https' is invalid; expected http.
The good thing is, it doesn't even check crossdomain.xml or clientaccesspolicy.xml; so it now realizes it's on the same domain. But now it's expecting a service on port 80, but the name has to follow as https:// in order for it to work.
I think the only solution I have now is to break it off as being a virtual directory, make it a root node of its own website, and make the whole thing as 443. Save myself the headache.
It sounds like you're working in an environment where there is a load balancer offloading the SSL traffic. In this situation, your client(Silverlight) needs to be configured for HTTPS and your server must be configured for HTTP. This is because a device between the two parties is decrypting the SSL data.
In situations like this, aside from the normal client and server side configurations, your server side code needs to be a bit more forgiving about the address of the request.
You likely also need to add an attribute to your service implementation to allow your client to call over HTTPS, but have your service listening on HTTP.
Add this to your service:
[ServiceBehavior(AddressFilterMode = AddressFilterMode.Any)]
This allows your client to call https://my.domain.com/service.svc and have your server live at http://my.domain.com/service.svc.
Here are some links that might help as well:
http://social.msdn.microsoft.com/Forums/vstudio/en-US/b5ae495b-f5fb-4eed-ae21-2b2280d4fec3/address-filter-mismatch-wcf-addressing
http://www.i-m-code.com/blog/blog/2011/11/30/hosting-silverlight-over-http-under-f5-big-ip/
http://www.i-m-code.com/blog/blog/2011/08/18/hosting-silverlight-under-https/
Related
I'm a bit out of my depth and haven't found the answer I need from Google, so could do with some advice.
I have a website that currently has some functionality build in.
I now find myself needing to create a second website containing the same functionality.
In order to do this the proper way, I want to create a webservice and access it from both sites. I've created a new solution and the webservice so far.
On my development machine, I can browse to the webservice.
The question is when I move this webservice to the live server, will it need it's own IP address, domain, or both? Or can it reside on the local server and be accessed in the same way as I would on my development machine?
The webservice does not need to be accessed from outside the server.
I'm a little unclear and its not easy to test in a live environment.
All help appreciated.
A web service works in exactly the same way as a website, only instead of returning HTML, it returns JSON/XML or similar. You'll need to host it on a web server, but if you only need it to be locally accessible, you can set the web server up to bind to localhost (127.0.0.1 in IP4) either on the default port (80) if nothing is already using it or on a different port (eg.12380 where it would be addressed as http://localhost:12380).
Most web servers can bind to anything that comes in on a specific IP address that isn't otherwise allocated or they can recognise which site to serve based on the host name that has been requested. nb. the host name isn't sent automatically by (TCP/)IP - the browser, or in this case web service client will sent an HTTP request header to let the server know which site to serve.
If you have sufficient control over the server, you can also create an entry in the hosts file to use in place of a domain name (eg. webservice maps to 127.0.0.1) and then set up your web server to bind to that.
I have a WCF service which works fine when accessed internally. The WCF link is
.
I requested the network team at our organization to expose this WCF to outside world since public websites will access this WCF. I gave the network team DNS as somewebsite.com and IP address of the server on which WCF is hosted.
After getting the confirmation from Network team (they use Juniper network ) that they have made the required settings to make the WCF available to outside world I tested it as an external user.
If I type in http://somewebsite.com/LookUp.svc on address bar I get http 404 page not found error. However if I replace http with httpS as then I see the WCF information. To further test it , I added a simple html file to the root of the website and opened as
http://somewebsite.com/test.html. The Test.html does not open when http is used. However it I use httpS as then Test.html page is displayed to outside users.
The WCF is hosted to windows 2008 R2 and is communicating over port 80 and I have also added the site binding as somewebsite.com with Type as Http and port as 80.
Any idea why WCF caanot be accseed over http ?. I want it to be accessed over http only ?. The WCF uses basicHttpBinding
Is the setting wrong on server on which WCF is hosted ?
Any suggestion is greatly appreciated..
If the service worked before over http before your network guys opened the firewalls I would suggest that they have only enabled the firewall for https traffic.
Sounds like a firewall/routing problem to me...
HTH
I manage a web site for company that hired me after being unsatisfied with the original developer of the site. One function of this site is to add new patients. Part of adding the patient is to receive data from a USB port on the client machine via an applet. Since the Java 7 update 21 the applet does not work and the company has asked to remove the applet and replace it with a different solution. I am having trouble doing this, however, due to the applet listening to the client USB ports from the server to retrieve the data. I Have thought of a few ideas to solve this but am unsure if it is possible and haven't been able to find the answer online. I was hoping someone here could tell me if my idea is possible or point me in the right direction.
When the user adds a new patient the web site will call a web service on the server. This web service will then call a WCF hosted Windows Service on the client and active its serial port listener. Once the client's Windows Service has received the data the WCF will respond to the Web Service on the server and parse the data.
What I'm having trouble with is finding a way that the web service can call the WCF downloaded by the client and have it begin listening to the USB ports. If anyone could tell me how to do this, or suggest a better way to have the server initiate the client listening to the serial port I would appreciate it.
Do you have any system requirements?
When entering new patient, what kind of browsers are expected?
Will this be deployed as one solution, or clients expect that your application
can support any modern browser?
The main problem is that browsers are very restrictive in terms of what
kind of code you are allowed to execute. By default, browser won't allow
to execute any plugins / read any usb ports, let alone execution / installation
of arbitrary wcf service.
So, supposing that you have 'any modern browser' in requirements - you have following options:
Java / activex applet plugin. I believe this is the only sure-way to have access to usb
on a client machine. Also plugin must be signed with trusted certificate, or client must allow
execution of untrusted plugin (again, check requirements). I though silverlight would also
be a valid alternative, but according to my research (please correct if I am wrong) - its security
model does not allow any kind of USB access.
Prompt user to download and install browser plugin / helper object with access to usb.
And then communicate with your web page through this plugin.
Installing an entire wcf service on a client side would be an overkill in my opinion.
You would have to manage issues like firewalls, closed ports, security,
writing a self-hosting wcf solution, etc.
But if you managed to install and host a wcf service on a client side:
When the user adds a new patient the web site will call a web service on the server.
This web service will then call a WCF hosted Windows Service on the client and active its serial port listener.
Why not save a roundtrip and call client service directly from page?
Server would need to know client address to call it, which is not always possible.
Probably your web page can attempt to access localhost, at predefined port,
where your wcf service is listening.
Once the client's Windows Service has received the data the WCF
will respond to the Web Service on the server and parse the data.
It would be easier to respond on call from your web page (use polling if usb reading is slow),
and only then send to server. Browser already knows where to send data, and have permission
to do so. But if your server address is well known and can be accessed with domain name,
you can try to connect to it from your wcf on client.
Also there is a very similar topic, discussing connection to usb from client.
The situation is that we have some SOAP (asmx) services that are version dependent upon a 3rd party software. These services reside on domainA.
We are in the process of migrating to a new version of the 3rd party software where the existing SOAP services will not be able to reside because of a version incompatibility. Currently the upgraded stuff lives on temp.domainA.
We are developing new services to replace the old SOAP services and will plug in wcf routing or something to save us from the next 3rd party version upgrade party.
Ideally, once temp.domainA is all ready to go we will switch that dns to be domainA and change the old domainA to be old.domainA there for breaking all existing applications referencing the soap services.
I've been fooling around with IIS and ARR matching on a common naming convention that the soap services have and trying to have those requests routed. This works very well for Get requests but not so well for POST requests which is what soap uses.
I set up a little test by having 2 identical services running, one on a test server and one on my local machine. The one on my local machine returns different data than the one on the test server so I can tell which one is being invoked.
I set up ARR's proxy in my local iis to be a reverse proxy to the service on the test server. I set up a url rewrite rule to inspect the incoming requests based on the naming convention of the soap service url.
If I browse to the soap endpoint via a browser and httpget's everything works as planned. I get a response from the remote test server with the request originating from localhost.
When I run the test app which makes the same call except as a post with soap I get this error
exception.message: There was no endpoint listening at http://localhost/webservice/Default.asmx that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
exception.InnerException: The remote server returned an error: (404) Not Found.
my settings
and then for Proxy Type i have
use url rewrite to inspect checked
enable ssl offloading checked
and reverse proxy: set to remote.test.server
I've got a WCF service running on a LAN IIS which is accessible from the internet as well.
The client that consumes the service is an application that runs on the LAN and remotely through the internet. There is no forwarding of anything on the DNS server redirecting http://www.corporate.com/Service to http://serverName/Service so I'm figuring I'll need 2 endpoints on the client.
How do you setup multiple endpoints in the client (is it as simple as copying the existing enpoint generated in the app.config but changing the address?) and how do you configure the client to use a particular endpoint?
You may store endpoint addresses either at app.config, or at resource strings. Then using any condition you pass needed endpoint address to service constructor.
var endpoint = ApplicationSettings.IsRemote ? Resources.RemoteEndPoint: Resources.LocalEndPoint;
var service = new MyWCFService(new BasicHttpBinding(), new Endpoint(endpoint));
The app.config (or web.config) for each copy of the application should have the endpoint for the service set based on the one it needs. For LAN installations, use the LAN-visible endpoint; for all others, use the Internet one.
It may save you a trip to the router, but why not just use the internet endpoint everywhere? If your LAN computers have a gateway to the Net, they can see the externally-visible address.
It is as simple as changing the address and using the endpoint generated in the app config. You may have to change security modes depending on what is supported on either server, or whether they are both running HTTPS or not. We have an application where we build the target endpoint based on relative path to the current URL in a Silverlight application. We also dynamically change the security mode based on HTTPS being present and it works great.