Error 2170 in Cross Domain Policy deployed in Enterprise Portal
Hi All,
We are facing an Error # 2170 for the Cross Domain Policy in Enterprise Portal.
We developed the dashboard using 2 web service connections (using ECC Remote Enabled Functon Module). The Web services were made Public so that they can be accessed from any network. We developed the dashboard using the public enabled webservices and exported to the SWF file which is working fine.
But when we place the dashboard SWF file in the Enterprise portal it gives the error " Cross Domain Policy Error #2170" .
We Placed the Cross domain Policy file in ECC Server in the root directory and placed the same in Enterprise portal C drive.
But still it shows the same error when we preview the dashboard in Enterprise Portal.
The Cross Domain Policy File that we are using is as follows:
-<cross-domain-policy> <site-control permitted-cross-domain-policies="all"/>
<allow-access-from secure="false" to-ports="" domain=""/>
<allow-http-request-headers-from secure="false" domain="" headers=""/>
<allow-https-request-headers-from secure="false" domain="" headers=""/>
</cross-domain-policy>
Please let us know if the cross doamin file is correctly coded and suggest us with suitable solutions for this problem. Also let us know if there is some alternative solution to this issue.
Thanks,
Malla Reddy D
Hello Malla,
Maybe SAP Note 1240810 helps... Anyway, I would say that if your issue is with the direct SAP NW BI connection, through BICS, the only file which is relevant is bicsremotecrossdomain.xml, which should be located on your server HTTP root.
Another check you can perform is if you have both portal certificate entries as per SAP Note 1508663.
Kind Regards,
Marcio
Similar Messages
-
Load XML file from addon domain without cross-domain Policy file
Hello.
Assuming that there are two addon domains on the same server: /public_html/domain1.com and /public_html/domain2.com
I try to load XML file from domain2.com into domain1.com without using cross-domain policy file (since it doesn’t work on xml files in my case).
So the idea is to use php file in order to load XML and read it back to flash.
I’ve found an interesting scripts that seems to do the job but unfortunately I can't get it to work. In my opinion there is somewhere problem with AS3 part. Please take a look.
Here are the AS3/PHP scripts:
AS3 (.swf in www.domain1.com):
// location of the xml that you would like to load, full http address
var xmlLoc:String = "http://www.domain2.com/MyFile.xml";
// location of the php xml grabber file, in relation to the .swf
var phpLoc:String = "loadXML.php";
var xml:XML;
var loader:URLLoader = new URLLoader();
var request:URLRequest = new URLRequest(phpLoc+"?location="+escape(xmlLoc) );
loader.addEventListener(Event.COMPLETE, onXMLLoaded);
loader.addEventListener(IOErrorEvent.IO_ERROR, onIOErrorHandler);
loader.load(request);
function onIOErrorHandler(e:IOErrorEvent):void {
trace("There was an error with the xml file "+e);
function onXMLLoaded(e:Event):void {
trace("the rss feed has been loaded");
xml = new XML(loader.data);
// set to string, since it is passed back from php as an object
xml = XML(xml.toString());
xml_txt.text = xml;
PHP (loadXML.php in www.domain1.com):
<?php
header("Content-type: text/xml");
$location = "";
if(isset($_GET["location"])) {
$location = $_GET["location"];
$location = urldecode($location);
$xml_string = getData($location);
// pass the url encoded vars back to Flash
echo $xml_string;
//cURLs a URL and returns it
function getData($query) {
// create curl resource
$ch = curl_init();
// cURL url
curl_setopt($ch, CURLOPT_URL, $query);
//Set some necessary params for using CURL
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//Execute the curl function, and decode the returned JSON data
$result = curl_exec($ch);
return $result;
// close curl resource to free up system resources
curl_close($ch);
?>I think you might be right about permissions/settings on the server for php. Unfortunately I'm not allowed to adjust them.
So I wrote my own script - this time I used file path instead of http address of the XML file. It works fine in my case.
Here it is:
XML file on domain2.com:
<?xml version="1.0" encoding="UTF-8"?>
<gallery>
<image imagePath="galleries/gallery_1/images/1.jpg" thumbPath="galleries/gallery_1/thumbs/1.jpg" file_name= "1"> </image>
<image imagePath="galleries/gallery_1/images/2.jpg" thumbPath="galleries/gallery_1/thumbs/2.jpg" file_name= "2"> </image>
<image imagePath="galleries/gallery_1/images/3.jpg" thumbPath="galleries/gallery_1/thumbs/3.jpg" file_name= "3"> </image>
</gallery>
swf on domain1.com:
var imagesXML:XML;
var variables:URLVariables = new URLVariables();
var varURL:URLRequest = new URLRequest("MyPHPfile.php");
varURL.method = URLRequestMethod.POST;
varURL.data = variables;
var MyLoader:URLLoader = new URLLoader;
MyLoader.dataFormat =URLLoaderDataFormat.VARIABLES;
MyLoader.addEventListener(Event.COMPLETE, XMLDone);
MyLoader.load(varURL);
function XMLDone(event:Event):void {
var imported_XML:Object = event.target.data.imported_XML;
imagesXML = new XML(imported_XML);
MyTextfield_1.text = imagesXML;
MyTextfield_2.text = imagesXML.image[0].attribute("thumbPath"); // sample reference to attribute "thumbPath" of the first element
php file on domain1.com:
<?php
$xml_file = simplexml_load_file('../../domain2.com/galleries/gallery_1/MyXMLfile.xml'); // directory to XML file on the same server
$imported_XML = $xml_file->asXML();
print "imported_XML=" . $imported_XML;
?>
Regards
PS: for those who read the above discussion: the first and the second script work but you must test which one is better in your situation. The first script will also work between two domains on different servers. No cross domain policy file needed. -
I am attempting to communicate with a web service via flash
across sub domains. All works fine and dandy on my local machine,
but when i upload to my web server there is no communication across
the domains. The way the servers are configured, i don't have
access to the root of the domain to place the crossdomain.xml in
the default location, so i have it in the folder next to the web
service and link to it directly shown below. I have this line on
the first frame of the first layer of my file
quote:
System.security.loadPolicyFile("MYDOMAIN/StudentConnect2Apply/crossdomain.xml");
The server containing the flash file is insecure and the web
service is secure (https). this is what my crossdomain.xml file
looks like:
quote:
<cross-domain-policy>
<allow-access-from domain="*.MYDOMAIN.net"
secure="false"/>
</cross-domain-policy>
I have also enabled logging within my flash player to track
down problems, when i initially load the page in the browser, it
approves the policy file:
quote:
OK: Policy file accepted:
https://MYDOMAIN/StudentConnect2Apply/crossdomain.xml
But after submitting the form and attempting to interact with
the web service, i get an error saying permission is denied due to
lack of policy file permissions and
quote:
Warning: Failed to load policy file from
MYDOMAIN/crossdomain.xml
It is looking in the root of the domain after i defined and
it accepted the overridden location. Is there another way to define
where the crossdomain.xml file is located that i am missing,
possibly in the web service settings somewhere?I have found my answer, thanks to another forum.
Meta-Cross Domain Policies.
http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_03.html
Basically I can now say "f*ck you adobe. I as a college
student who likes to host things on my 150 MB of server space can
no longer host XML formatted levels for games I write. Because I am
not the administrator of the server and will never be able to
convince the administrator to let me have the MCDP file allow my
flash file to load it's levels."
F*ck you Adobe, F*ck You. -
Cross domain policy file and BitmapData
Hey guys and gals, I'm having an issue with a Security error
when trying to access photos from an external site. I have a client
who is at siteA.com, who wants to load in photos from siteB.com,
siteC.com, and probably 100 other sites. He has permission to do so
from the other sites, but doesn't want to go through all the
trouble of asking each site to post a cross-domain policy file.
Please correct me if I'm wrong, but the way I understand it is, if
you want to simply load an image into a Loader object within a swf,
you're ok, but if you want to access the BitmapData, you will then
get a security error? My snippet of code that I believe is causing
the security error is
public function imageLoaded(e:Event):void {
var image:Bitmap = Bitmap(e.target.loader.content);
image.smoothing = true;
imageContainer.addChild(e.target.loader);
As you can tell, the reason why I want to access the Bitmap
itself is to apply smoothing. That is my main concern, I want to be
able to apply smooth transitions to these pictures that are loaded
in from external sites. My main goal is to load images externally,
then apply smooth transitions, so if you know of a way to get
around the security violations, that would be great. The only
work-around we have for this is to write a script that will load
all the images from the external sites onto the local server, as
this will be less work than getting the cross-domain policy file on
each server (if that's what it takes). Thanks in advance for
anybody who can shed some light on the subject.If I understand you correctly, a 'helper' swf would be on the
site where the images are held, much like a cross-domain policy
file? I don't understand how that would be much different than
getting the external sites to add a cross-domain policy file on
their server. It sounds easier to just throw the cross-domain
policy file on the external site's server with '*' for the path of
allowed directories to load images from. I'm pretty new to the
cross-domain security issue, so I'm not sure. I don't understand
why it's a security risk to access the pixels of an image either...
anybody know about that? Just trying to figure out where to go from
here on this project. Thanks for the reply GWD, still looking for
some more feedback. -
i am developing a flex web application which needs to access Other domain (Payment Gateway API),is there any other way other than cross domain policy available ? please help.
we donot have access other domain thats why we want other solution..All the paths to CFCs are the same in my live production site. Can you be more specific as to what you mean by "RemoteClass aliases in your AS Classes and CFCs (if any) are correct."? How will the app know that the CFC is on http://myLiveSite.com instead of http://myDevSite.com? The only line of code that I have noticed that points to a URL is the endpoint in a file called _Super_XXX.as. And at the top of that file it says that the file is not meant for editting.
To clarify...I see your app/code all exists on a server access via a web browser so I can understand that everything still works when deployed. Mine is a mobile app so when I am developing and testing on my local computer the URL points to my local development machine. However when I deploy it to a mobile device like a tablet and run the app, it needs to be able to access a cfc on a remote server via a different URL ie. my http://myLiveSite.com/myCFC.cfc instead of http://localhost/myCFC.cfc
Thanks for your help! I will now take a look at your thread.
Message was edited by: ace0215 -
Spry JSONDataset and IE8 cross domain policy
Hi,
I'm using Spry JSON Dataset to retreive feeds of JSON data from Google Picasa and then show the results on our photo page. Works fine in Firefox but not in IE8. Is this a cross domain issue or is something else happening to stop the page rendering the spry regions in IE8? I know IE8 can be quite fussy at times.
Debug tools in IE8 not the best (give me firebug any time)
Page is here www.thehmc.co.uk/photonew.html
PhilHi,
Now I've had time to play and got my head around what JSON-P really means - I've come up with a lightweight solution. Arnout thanks for your input as that sent me off on the right track.
I noticed that Google can provide the JSON string wrapped in a callback function - see format below
http://picasaweb.google.com/data/feed/api/user/thehmc.co.uk?kind=tag&alt=json-in-script&ca llback=testit&hl=en_GB
Firstly I define my Spry JSONDataset as before but don't give it an url to load the data from
var dsTags = new Spry.Data.JSONDataSet(null,{path:"feed.entry", subPaths:["title","gphoto$weight"],sortOrderOnLoad: "ascending", sortOnLoad: "title.$t"} );
So introducing the function below, which dynamically adds a script to the document body pointing top the url you pass it
function makeRequest(sUrl) {
var oScript = document.createElement("script");
oScript.src = sUrl;
oScript.async = true
var done = false;
oScript.onload = oScript.onreadystatechange = function()
if ( !done && (!this.readyState || this.readyState === "loaded" || this.readyState === "complete") )
done = true;
oScript.onload = oScript.onreadystatechange = null;
if ( oScript && oScript.parentNode )
oScript.parentNode.removeChild( oScript );
document.body.appendChild(oScript);
and then calling it, passing the url to the Google feed
makeRequest("http://picasaweb.google.com/data/feed/api/user/thehmc.co.uk?kind=tag&alt=json-in-script&ca llback=testit&hl=en_GB");
Function testit(root)
dsTags.setDataFromDoc(root);
Since the JSON string is already converted to a JSON object when it arrives at the callback function I had to change the JSONDataset function as below to not to try and parse if already an object
Spry.Data.JSONDataSet.prototype.loadDataIntoDataSet = function(rawDataDoc)
if (this.preparseFunc)
rawDataDoc = this.preparseFunc(this, rawDataDoc);
var jsonObj;
if (typeof rawDataDoc == "object")
jsonObj = rawDataDoc;
else
try { jsonObj = this.useParser ? this.parseJSON(rawDataDoc) : eval("(" + rawDataDoc + ")"); }
catch(e)
Spry.Debug.reportError("Caught exception in JSONDataSet.loadDataIntoDataSet: " + e);
jsonObj = {};
This works a treat in IE8 and Firefox.
I can see that your YQL version will be more flexible in terms of the number of feeds it'll be able to provide in JSON format but for now I just need this for Google Picasa. Ideally I'd like a YQL version that retrieves the JSON string and then passes it to a user defined callback function to do with what it wants.
I need to change my other JSON datasets but otherwise the page will be good to go soon enough.
Cheers for your inputs
Phil -
Error publishing SSRS Report in Dynamics AX 2012 Enterprise Portal
Good morning.
I have a problem ad i'll appreciate so much your help. I made a SSRS Reporting project with Business Intelligence Development Studio (through the template "Business Intelligence --> Report Server Project). Once deployed to report server, the report
successfully works. I Want to publish this report in Dynamics AX 2012 Enterprise Portal, through the web part "SQL Server Reporting
à SQL Server Reporting Services Report Viewer", but when i select the .rdl file from the list, i receive the following error:
An error occurred during local report processing.
An error has occurred during report processing.
Cannot create a connection to data source 'DataSource1'.
An attempt has been made to use an unregistered data extension, 'OLEDB-MD'. To use this data extension, it must be registered in the Web.config file of this Web application.
I've Checked the config file and the specified handler is correctly set. I read in a forum that the problem may be caused by the fact that the database of the report server is set as "Native" instead of "Sharepoint Integrated". Is it
possible? just in case, there's the possibility to display a ssrs report in EP in "native mode"?
Thank you so much in advance
SimoneHi Katherine.
Thank you so much for your reply. You understood perfectly what I mean. I followed the instructions in the document, but the installation of te .cab file won't work. I tried with the Sharepoint Management Shell and with STSADM.EXE, but in both cases i receive
an error like this:
PS C:\> Install-SPWebPartPack -LiteralPath "C:\Program Files (x86)\Microsoft SQL
Server\110\Tools\Reporting Services\SharePoint\RSWebParts.cab" -GlobalInstall
Confirm
Are you sure you want to perform this action?
Performing operation "Install-SPWebPartPack" on Target "C:\Program Files
(x86)\Microsoft SQL Server\110\Tools\Reporting
Services\SharePoint\RSWebParts.cab".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help
(default is "Y"):y
Install-SPWebPartPack : Failed to extract the cab file in the solution.
At line:1 char:1
+ Install-SPWebPartPack -LiteralPath "C:\Program Files (x86)\Microsoft SQL
Server\ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
+ CategoryInfo : InvalidData: (Microsoft.Share...tallWebPartPack:
SPCmdletInstallWebPartPack) [Install-SPWebPartPack], SPException
+ FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletInstallW
ebPartPack
PS C:\>
I checked the directory and the .cab file is in the right position. Am I doing something wrong?
Thanks a lot in advance.
Simone -
Error Provisioning the Federated roles from CUP to enterprise portal
Hi Gurus,
Need help. I am trying to provision the roles to enterprise portal using GRC CUP. I have created the connectors and field mapping and the connection is successful. We have a enterprise portal with producer consumer relation ship. The Enterprise portal acts as consumer for the BI portal. The BI portal Roles are federated to Enterprise portal and i get an error "noSuchIdentifier" when I try to provision the federated BI Portal role on the Enterprise portal. I can successfully provision the local portal roles and UME roles on the enterprise portal. I get the error only when trying to provision the roles which are from BI portal.
Appreciate any help, in this regards.
Thanks,
PavanHi Alma,
This is one of the security issue.We had faced it sometime back.We searched some CSN's and found a solution.
Go to Service Market palce and download the latest Cryptographic Tool kit (Service Market place---->software downloads)
You will get a sca/sda something like tc/iaik./security(something like this)
Deploy this on to your instance using your SDM.
After that,Restart the Portal patching.It will go fine.
reward points if helpful................ -
Error when configuring Web Dispatcher for SSL with Enterprise Portal
We are in the process of configuring the Web Dispatcher using SSL to connect to our Enterprise Portal (the Web Dispatcher will be in the DMZ). We have followed all of the help.sap.com guides and now have SSL listening on the EP side (port 8103). We are now receiving this strange certificate error when we start the Web Dispatcher:
[Thr 5332] Tue Mar 20 00:36:23 2007
[Thr 5332] MatchTargetName("<FULLY QUALIFIED HOSTNAME>", "CN=XXX, OU=XXX, O=XXXX, C=XX") FAILS
[Thr 5332] SSL socket: local=<IPADDRESS>:4742 peer=<IPADDRESS>:8103
[Thr 5332] <<- ERROR: SapSSLSessionStart(sssl_hdl=009D7670)==SSSLERR_SERVER_CERT_MISMATCH
[Thr 5332] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-30): SSSLERR_SERVER_CERT_MISMATCH [icxxconn.c 2005]
[Thr 5332] *** ERROR => IcmConnClientRqCreate() failed (rc=-14) [icrxx.c 4919]
[Thr 5332] *** ERROR => Could not connect to SAP Message Server at <FULLY QUALIFIED HOST NAME>. URL=/msgserver/text/logon?version=1.2 [icrxx.c 2301]
[Thr 5332] *** ERROR => rc=-1, HTTP response code: 0 [icrxx.c 2302]
[Thr 5332] *** ERROR => see also OSS note 552286 [icrxx.c 2303]
We have gone through the trouble shooting note 552286 as listed in the error above. Any assistance is appreciated.Hello, did you receive any resolution for this problem? We are receiving a similar error and I am unsure of how to resolve.
-
Error while calculating SPS for NW 7.3 Enterprise Portal
Hello,
I have a Solution Manager 7.01 SPS 28 (ST 400 0028 SAPKITL438 SAP Solution Manager Tool)
I want to download via MOPZ the newest SPS for NW 7.3 with Enterprise Portal.
I configured the SLD on the NW 7.3 side successfully.
The NW 7.3 transmitted the data to the SMSY.
I can create the system also successfully in the "Product Systems" and "Technical Systems"
and also created successfully the "Logical Components" and can assign to a "Solution"
When I try to calculate the SPS automatically for the NW 7.3 Enterprise Portal, the following
error Messages appears.
System P73: Installed Product Instance SAP NETWEAVER 7.3 Process Integration not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 PDF Export not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Advanced Adapter Engine Extnd not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Demo Applications not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 BPM not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 NWDS Update Site JEE not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Composition Platform not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Guided Procedures not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Enterprise Services Repository not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Composite App. Framework not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 AS Java Extensions not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 PI Adapter Engine (Java EE) not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 EP Core - Application Portal not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Composition Voice not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Central Process Scheduling not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Mobile not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 BI Java not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Business Intelligence not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 PI Partner Connectivity Kit not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Development Infrastructure not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Adobe Document Services not assigned! Display Help
System P73: Installed Product Instance SAP NETWEAVER 7.3 Application Server ABAP not assigned! Display Help
Can anybody please help me ?
Best regards
AlexHello Alexander,
I was having a similar problem, but only with the abap-related NW 7.3 components.
Please check the following note: Note 1595918 - JSPM: Validation fails due to mismatch at software features
Do a backup of your BC_SL_SWFEATURE, delete those components you don't have, according to the usage types you have installed.
In the portal, go to NWA -> Configuration -> Infrastructure -> SLD Data Supplier Configuration and click "Send and Collect Data".
Verify that the data is refreshed in your SLD.
In the SMSY, unassign the system from all the logical systems, delete the system, delete the technical java component and run the Setup System Landscape to create the system from your SLD.
After the system is generated, assign it to your Logical Component and try again.
Or, instead of deleting / creating the system, maybe you can just refresh it using the steps from the note Note 1468559 - SMSY: Single system update from SLD
Regards -
I just made an IRC client for Android + iOS, and now I'm having issues porting it to the browser. I've built flash games where the server hosts the Policy Domain File, obviously with an IRC client that's not going to happen in all instances.
I'm wondering why the browser version can run perfectly fine under CS6's debug mode, but when it's been deployed to the browser it can't seem to connect? What settings would I have to do [if at all possible] to replicate this debug mode [in CS6] inside the browser?
Thanks!In the browser, are you running it via Flash Player or are you making an AIR for web app?
The browser is the strictest sandbox Flash can run in. The infamous #2048 is a generic security violation. You're doing something your current sandbox doesn't allow. The most obvious thing to verify is on the SWF output settings make sure your sandbox is set to access network files, not access local files. Otherwise you'll get that error.
Outside that it's going to be looking for a socket policy file. I won't even get into creating these because your endpoint is an IRC server. Unless you're running your own IRC server you're not going to get some IRC server host to install a socket policy file for you so that point is moot. Without the socket policy file you're in some tough territory that will require some advanced debugging.
My suggestion would be to get Fiddler so you can actually see the request and response packets being sent to and from Flash inside your browser. You will definitely see Flash make a request and the response will give you clues on what's happening just before you receive the #2048 security error. You may see it request the policy file and then the server returns nothing or an invalid response and then Flash gives you the error. If that happens you may be out of luck.
Here's fiddler (I'd update your .NET to the latest and use V4 instead of V2):
http://www.fiddler2.com/fiddler2/version.asp
Here's another Adobe post of someone having a #2048 error while using fiddler to diagnose it:
http://forums.adobe.com/message/4668901#4668901
The fiddler site has some documentation. It's a pretty great tool for analyzing packet traffic (using the "select process" target will limit the packets to a browser you select (or any other app)). You may need to enable decrypting HTTPS traffic if you're using a SecureSocket. There's all instructions there on helping you diagnose and watch the inner workings of all requests/responses to track down the issue quickly.
Lastly I would uninstall Fiddler after you're done with it and reinstall it later when you need it. Especially if you enable HTTPS decryption. It must install some fake certificates to allow itself to intercept traffic. You'll just clutter up your certificates with junk certs if you keep fiddler installed. It's a very quick install/uninstall and the software itself is very widely used and regarded. It's not a trust thing, it's a cleanliness thing. -
Cross Domain error for Silverlight + MVC application with self hosted WCF service on azure
Hi,
We are migrating existing Silverlight application to MVC; existing Silverlight application is hosted on
Azure which is consuming self-hosted WCF service. For authentication we have implemented
ADFS with WIF (passive). The cloud service (<myWebSite>.cloudapp.net) is C Name to (<myWebSite>.<myDomain>.com) and we
are consuming WCF service at <myWebSite>.cloudapp.net/<myService>.svc, as we were getting “Cross Domain” error so we have added “clientaccesspolicy.xml” at the root of “WEB ROLE”.
Existing Silverlight application works fine but the problem occurred when we deploy our migrated application to the same cloud service. We are getting a “Cross Domain” error.
The same migrated application works fine on UAT environment, the only difference is UAT environment is
without ADFS WIF implementation.
Migrated application is half Silverlight and half MVC with initial landing page is Silverlight. MVC web role is used to host the service i.e. .SVC . To go to SL landing page , redirected from home controller. Following is being observed in fiddler for this
application
Existing Silverlight application -
After authentication with ADFS it redirect to Silverlight landing page.
Before calling service method it looks for “clientaccesspolicy.xml”
In response header we are getting the content of “clientaccesspolicy.xml”
And after this everything works fine
Migrated Silverlight-MVC application –
After authentication with ADFS it redirects to “HomeController” and from there we are redirecting to Silverlight landing page.
Before calling service method it looks for “clientaccesspolicy.xml”
In response header we are getting following content - “https://federation-sts.<myDomain>.com/adfs/ls/?wa=wsignin1.0&
wtrealm=https%3a%2f%2f<myWebSite>.<myDomain>.com&
wctx=rm%3d0%26id%3dpassive%26ru%3d%252fclientaccesspolicy.xml&wct=2014-03-17T10%3a36%3a04Z”
4.Throw “Cross Domain” error.
Also we have added filter in
RouteConfig
for .xml file
routes.IgnoreRoute("{*allxml}",
new { allxml = @".*\.xml(/.*)?" });
NOTE: There is no configuration change apart from MVC configuration.
We have done RDP to web role and found that “clientaccesspiolicy.xml” is present at “E:\approot” location and it is also accessible at “https://<myWebSite>.<myDomain>.com/clientaccesspolicy.xml”.
Please help
Thanks,
Rahul PHi,
Please try to configure the cross domain policy file to allow public read access (that is, access it without federation requirement), make sure you can access the address
http://something/clientaccesspiolicy.xml directly in a browser
without redirecting to check whether the cross domain policy file could be anonymous accessed (Please start a new browser session and make sure you're
not logged in. Then test the cross domain policy file.).
Best Regards,
Ming Xu
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Cross domain error while displaying .SWF files in portal
Hi Experts,
i am working on EP ,
i am trying to display a .swf file in a iview but that file is giving an error as
Add a cross domain policy file to the external data web server
this swf file is retriving data from BI system.
Please suggest !!
i got a solution of putting a crossdoaim.xml file in root directory but thats not possibleI think two urls will work for you:
Xcelsius SWF with QaaWS through SSL: Cannot access external data
http://livedocs.adobe.com/flex/3/html/help.html?content=security2_04.html -
I tired to access a web site via Safari that I previously was able to access; however, now I get the following message: "Cross Domain Error: Cross domain is not supported by this browser." Is there a plug-in or something else that would allow me access the site?
Hi,
Please try to configure the cross domain policy file to allow public read access (that is, access it without federation requirement), make sure you can access the address
http://something/clientaccesspiolicy.xml directly in a browser
without redirecting to check whether the cross domain policy file could be anonymous accessed (Please start a new browser session and make sure you're
not logged in. Then test the cross domain policy file.).
Best Regards,
Ming Xu
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Cross domain scripting: error #2048
Hi,
This is my first entry in this forum but I already found a lot of answers by browsing it. However, altough many references seem to solve the problem I'm hurting on, it doesn't seem to work for me...
Now, here's the case:
I made a flash web site that will be hosted on an external web server (let's call it server «www.external.com»).
My flash needs to get some info from my internal server (let's call it «www.internal.com»).
On «www.internal.com», I don't have access to the root, only to the folder «myfolder» so my website reads like this: «www.internal.com/myfolder».
Being aware of some sandbox security issues, I made a crossdomain.xml file and uploaded it to «www.internal.com/myfolder/crossdomain.xml» to provide acces to «www.internal.com/myfolder» from «www.external.com» wich is the following:
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.external.com" />
<allow-http-request-headers-from domain="www.external.com" headers="*"/>
</cross-domain-policy>
In my flash, there is the code i use to retrieve my info:
Security.loadPolicyFile("http://www.internal.com/myfolder/crossdomain.xml");
var myData:URLRequest = new URLRequest("http://www.internal.com/myfolder/myapp/datarequest.cfm");
var loader:URLLoader = new URLLoader();
loader.load(myData);
That's where I get the raging error #2048 in an error #2044 telling me this (excuse the french, my player and I use this language):
Error #2044: securityError non pris en charge : text=Error #2048: Violation de la sécurité Sandbox : http://www.external.com/flashapp.swf ne peut pas charger de données à partir de http://www.internal.com/myfolder/myapp/datarequest.cfm.
According to what I saw and read, loading a policy file should allow me to access info. Once I read that the crossdomain.xml file absolutely had to be on the root of the web server, unfortunately, I don't have access to the root.
There surely is something wrong with what I am doing, anyone has a thought?
Thanks in advance and sorry for the long message...just a guess here - it looks mainly as though you are on the right track, and you are correct if you so not have access to the root, then you must target the crossdomain.xml location as you have specified.
the one thing i don't see that you have listed here is a call to:
Security.allowDomain("www.external.com");
which *might* be the issue
Maybe you are looking for
-
Public class name same as filename
Every book I've read stated that if you have a public class declared in the source file, then you have to name the file the same as the class name. However, none of the book explain why, can anyone tell me about this?
-
Just found out that people are not receiving any emails that i send from my phone. Not sure why and have no idea how long it has been going on. Could be as long as I have had the phone. How do I fix this?
-
Xml reading specific node and putting them in hashtable
Hi Friends I have to create program to print xml filenames and the id (which is a tag) inside the xml file. the filenames i have to print are the names of xml files themselves and then they have id taginside the file and there can be more then one id
-
APEX_COLLECTION.UPDATE_MEMBER not Working
Hi. I hope someone can help on this matter. I have been working with Apex for some time on and off and I and have accomplished more complicated stuff then this. Bit this has stopped me in my tracks for 2 days now. To the point. Onload I create a coll
-
I've tried to stay patient with the continual dropping off and inability to reconnect of the 2 Lacie disks connected to my AE, but I've now given up - will follow the threads here to see if things improve, but I'm not optimistic. A great idea, whose