I’m using a ClientAccessPolicy.xml file that I think allows pretty much all access to my WCF service:
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>
So far, I only want to allow my Silverlight application, and my website (MVC2 if that matters) to be able to access the service, but I don’t know how I should modify my policy file to do that. I don’t really know what type of access each of them needs. Can someone recommend a good resource on how to get caught up with that, as well as a suggestion as to what to specifically do with my clientaccesspolicy.xml file to make my service secure, but still available via BasicHttpBindings and WebHttpBindings?
Check out HTTP Communication and Security with Silverlight
I found it to be very helpful with these kinds of questions.