This sample demonstrates how to consume the Access Control Service and the Service Bus Message Buffer API from a Silverlight application
This sample solution contains three projects:
- PolicyPublisher: A console application that publishes and deletes the Silverlight ClientAccessPolicy.xml for your namespace.
- MessageBufferClient: A Silverlight application that performs the following message buffer operations.
- Creates a message buffer
- Sends a message
- Retrieves a message
- Gets the message buffer policy
- Deletes the message buffer
- Creates a message buffer
- MessageBufferClientWeb: an ASP.NET host for the MessageBufferClient Silverlight application.
This solution requires that you have the Silverlight SDK and Silverlight tools for Visual Studio installed if you are using Visual Studio 2008. For Visual Studio 2010, you do not have to install any of these.
Same Origin Policy and Cross Domain Access
To interact with the Message Buffer, you must get a token from the appropriate Service Bus issuer.
Browsers and browser-side programming languages, such as Javascript, enforce a security policy called the same origin policy. This policy restricts cross domain calls; that is, it only allows code running in the browser to call back code that resides on the site (the host site) where the browser code was downloaded from, and does not allow browser code to call into code residing on a different site (the target site).
Cross domain access can be setup explicitly if the target site places a specific policy file at its root. For Silverlight this policy file is called ClientAccessPolicy.xml. A simple ClientAccessPolicy.xml appears as follows:
<?xml version=""1.0""
encoding=""utf-8""?> <access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" http-methods="*">
<domain uri="https://*"/>
<domain uri="http://*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true" />
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
For the Access Control Service, all service namespaces have the cross domain access set up by default. For the Service Bus, cross domain access must be explicitly enabled, as shown below.
The Silverlight Client Stack
Silverlight can be configured to use either the browser's HTTP stack
or its own client stack. To use the services, you will be required to
use the Silverlight client stack. This can be configured as follows:
{
this.currentContext.Post(
new
SendOrPostCallback(this.DisplayCallback),
new DisplayData(
"Failed
to register the HTTPS prefix with the Silverlight's client stack", true));
}
if (!WebRequest.RegisterPrefix("http://",
WebRequestCreator.ClientHttp))
{
this.currentContext.Post(
new
SendOrPostCallback(this.DisplayCallback),
new DisplayData(
"Failed
to register the HTTP prefix with the Silverlight's client stack", true));
}
The X-MS-Authorization Custom HTTP Header
To program secured endpoints, requires that the Access Control token be passed in the Authorization HTTP header. However, Silverlight does not allow applications to write to the Authorization HTTP header. To work around this, the Services API has introduced the X-MS-Authorization HTTP custom header which behaves in the same way as the Authorization HTTP header.
Sample Flow
- After
building the solution, open a command prompt window and go to the PolicyPublisher directory and run the PolicyPublisher executable as follows to publish the
clientaccesspolicy file.
Please enter the following info for uploading a clientaccesspolicy file:
Service Namespace:<serviceNamespace>
Issuer Name: <issuerName> Issuer Key: <issuerKey> Publish/Delete Policy file (publish/delete): publish Policy File Location: clientaccesspolicy.xml
Requesting token from ACS
Client Access policy published.
- Run
the MessageBufferClient project (right-click the project and select “Debug”
followed by “Start new instance”).
- This will start the Silverlight application in a browser. Note the fields that are present in the window, such as Issuer Name, Issuer Key, Service Namespace and Message Buffer Name. Fill in these fields with the details appropriate to your Windows Azure subscription. The Message Buffer Name is the name of the message buffer that you intend to create for this sample.
- After
this information is entered, click the “Create” button, which will create the
message buffer.
Note that the textbox displays the output of this operation, as follows:
- Now,
click the “Send” button to send a message to the message buffer created in
step 4.
Note that the textbox displays the output of this operation, as follows
Sending request to get token.
Retrieved token successfully Sending request to send message: <msg> This is a test message, Timestamp: 6/21/2010 7:00:01 PM
Message Buffer Operation successful
- Click
the “Retrieve” button to retrieve the message sent in step 5. Note that the textbox displays the
output of this operation, as follows:
Sending request to get token
Retrieved token successfully
Sending request to retrieve message
This is a test message, Timestamp: 6/21/2010 7:00:01 PM - Similarly,
click the “GET” button to retrieve the policy of the message buffer created
in step 4.
The textbox displays the contents of the policy of the message buffer after it is successfully retrieved from the Service Bus.
-
Finally,
click the “DELETE” button to delete the message buffer created in step 4.
-
To
delete the policy file which was published in step 1, run the PolicyPublisher
executable as follows, to delete the clientaccesspolicy file.
Please enter the following info for uploading a clientaccesspolicy file:
Service Namespace: <serviceNamespace>
Issuer Key: <issuerKey> Publish/Delete Policy file (publish/delete): delete Requesting token from ACS
Client Access policy published.
Sending request to get token
Retrieved token successfully
Sending request to create message buffer
<entry xmlns="http://www.w3.org/2005/Atom"><id>uuid:c2978a42-fafc-4ba0-819a-63b411fbe881;id=168</id><title type="text">mymbtest</title><updated>2010-06-09T22:31:52Z</updated><link rel="alternate" href="https://messagebufferuser.servicebus.windows.com/mymessagebuffer/"/><link rel="self" href="https:// messagebufferuser.servicebus.windows.com/mymessagebuffer/"/><link rel="head" href="https:// messagebufferuser.servicebus.windows.com/mymessagebuffer"/><content type="text/xml"><MessageBufferPolicy xmlns="http://schemas.microsoft.com/netservices/2009/05/servicebus/connect" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><ExpiresAfter>PT5M</ExpiresAfter><MaxMessageCount>10</MaxMessageCount></MessageBufferPolicy></content></entry>
The application first requests a token from ACS and successfully gets a token from ACS. Then, it sends a request to ServiceBus with this token to create a message buffer and the message buffer is successfully created. The policy of the message buffer just created is also displayed in the output.
Did you find this information useful? Please send your suggestions and comments about the documentation.