0

after one day of thorough searching for solutions, I'm at a standstill over the following issue:

I am adding a aspx-page with silverlight app as a feature to my sharepoint. The app accesses the sparql-endpoint from a virtuoso service and works fine outside of sharepoint. clientaccesspolicy.xml is added to the virtuoso and sharepoint root. Both are accessible over http:

<?xml version="1.0" encoding="utf-8"?>
 <access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

I even added crossdomain.xml in both locations after this problem crept up on my and added both files explicitly to the sharepoint path via central-admin.

I'm still getting a securityException...

Please help me with this,

thanks in advance.

chile
  • 724
  • 1
  • 7
  • 15

1 Answers1

0

After some several more hours wasted, I hammered it out on my own.

For anyone arriving at the same crossroad: If you are certain that crossdomain.xml is in place and you silverlight app works outside of sharepoint, this specific security-exception stems not from a cross-domain violation, but more likely from one of the other url access restrictions documented here:

As it is stated there: 'When users get an error that results from one of these access policies being violated, the error may not indicate the exact cause.' This error might have any of the listed causes. (a major negligence of msdn in my opinion)

Since 'Cross-scheme access' and 'Cross domain-access' is out of the picture, this leaves only a 'Cross zone-access violation'. This means your Silverlight app and the service endpoint got to be in the same zone to be allowed to communicate (e.g. Internet or Intranet). Since my SPAQL-endpoint is hosted at localhost for now (an Intranet address as default in IE) and my sharepoint address http: //my.comp.name is by default in the Internet-zone this error was thrown.

To get rid of this error you have to either host your endpoint on an Internet-address or place your sharepoint address in the Intranet-zone manually. After some more googeling I found the right configuration in the Internet-options.:

->security ->local Intranet -> sites ->add:your sharepoint address (http: //my.comp.name)

That's it, hope I saved you some lasting wrinkles.

take care...

chile
  • 724
  • 1
  • 7
  • 15
  • If you are sure this is no 'Cross zone-access violation', you're dealing with one of the other violations. You have to check one by one. (very time-consuming!) – chile Jun 02 '13 at 07:07