cross-domain problem on silverlight and wCF access

I wrote WCF service and i also wrote ( in the same solution ) silverlight client. I trying to access to the WCF service from the silverlight client - and i get cross-domain exception.

this is happening only when i run the system on the server machine ( thru IIS 7.5 )

I tried to run the same system ( the wcf server & silverlight client ) on my local machine and its does not happened.

The exception:

An error occurred while trying to make a request to URI ‘http://localhost:4522/MyService’. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. 开发者_JAVA技巧You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. Please see the inner exception for more details.

I saw on the web that i need to add something like ICrossDomainService - but i don't know where i need to define them on my project ( on the silverlight project ? on the WCF server project ? )

Someone can help me please ?

Thanks.

I think you will need to create a client access policy file in the root folder of the web site.

This described here: http://msdn.microsoft.com/en-us/library/cc645032(v=vs.95).aspx

A policy file looks like this, and you will need to tailor it according to your cross-domain requirements. This example was taken from MSDN and probably can't be used without being changed.

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
<!--Enables Silverlight 3 all methods functionality-->
    <policy>
      <allow-from http-methods="*">      
        <domain uri="*"/>
      </allow-from>      
      <grant-to>      
        <resource path="/api" include-subpaths="true"/>
      </grant-to>      
    </policy>
<!--Enables Silverlight 2 clients to continue to work normally -->
    <policy>
      <allow-from >      
        <domain uri="*"/>
      </allow-from>      
      <grant-to>      
        <resource path="/api" include-subpaths="true"/>
      </grant-to>      
    </policy>
  </cross-domain-access>
</access-policy>

I'm not too familiar with the schema, but I'd hit MSDN again for that. Something like this might be closer:

</cross-domain-access>
  <policy>
    <allow-from>
      <domain uri="*"/>
    </allow-from>
    <grant-to>
      <resource/>
    </grant-to>
  </policy>
</cross-domain-access>

PLEASE check MSDN to make sure you don't open a security hole!