Silverlight 5 Opening Socket AccessDenied

Question

I have a Silverlight 5 application trying establish a socket connection to a server as follows:

var targetEndpoint = new DnsEndPoint("subdomain.maindomain.com", 443);
var clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
var socketAsyncEventArgs = new SocketAsyncEventArgs {RemoteEndPoint = targetEndpoint};
socketAsyncEventArgs.Completed += AsyncConnectCallback;
clientSocket.ConnectAsync(socketAsyncEventArgs);

I have the following clientaccesspolicy.xml file at https://subdomain.maindomain.com/clientaccesspolicy.xml :

<access-policy>
    <cross-domain-access>
        <policy>
            <allow-from http-request-headers="*" http-methods="*">
                <domain uri="https://subdomain.maindomain.com"/>
                <domain uri="*"/>
            </allow-from>
            <grant-to>
                <resource path="/" include-subpaths="true"/>
                <socket-resource port="4502" protocol="tcp"/>
            </grant-to>
        </policy>
    </cross-domain-access>
</access-policy>

I am able to run a local instance of the Silverlight application from visual studio and can establish the socket connection, both running in-browser as well as out-of-browser. When I deploy the application, I am still able to connect using the out-of-browser version, but the in-browser version errors out with the following message:

AccessDenied: An attempt was made to access a socket in a way forbidden by its access permissions.

Within my local environment, where I am running from Visual studio, if I create an hosts file entry:

127.0.0.1 myapp.local

and update my localhost in-browser instance (running from VS) to use myapp.local, I can reproduce the same error, which suggests that the error occurs when the root domain is not localhost, regardless of where the application is hosted.

I have checked my firewall and antivirus software's event logs for signs that they could be blocking the connection request, but do not see any evidence of that.

Has anyone else experienced this issue and offer suggestions of what my problem could be?

Answer 1

According to the description of the problem as well as comments and the article "Relaxed Cross-Domain Access Restrictions", I think that most likely, the problem is with access restriction when the application is run in "in-browser" mode.

To verify that your application is run with trusted privileges you can check that property Application.HasElevatedPermissions is true.

Also, try to follow this guide How to: Enable Trusted Applications to Run Inside the Browser

Make sure that your server's firewall does not block "policy server" port 943

If you still unable to connect to server, try to change port that your service work on to some port that in range 4502 to 4534.

Answer 2

For Silverlight, you need a socket policy server in the mix. See for details http://msdn.microsoft.com/en-us/library/cc645032%28v=vs.95%29.aspx for details.