An interesting question crossed my plate today “why should I use a client access policy or cross domain policy on my server?”. Having come from the server world, I had to remind myself repeatedly that the fundamental difference between Silverlight and ASP.NET is Silverlight runs on the client, and ASP.NET runs on the server.

Along with this difference is the ability to access data. ASP.NET applications can use the HttpWebRequest or call a web service not located on the same server. Since Silverlight runs on the client, it is a potential security risk to access data from a server where the XAP did not originate. SO, the introduction (it’s a standard practice for Flash) of the client access policy. Briefly, create a file named clientaccesspolicy.xml with the xml content below, and your service/data is ready to be consumed by Silverlight.

What is three major points in WCF?

1) Address — Specifies the location of the service which will be like http://Myserver/MyService.Clients will use this location to communicate with our service.

2) Contract — Specifies the interface between client and the server. It’s a simple interface with some attribute.

3) Binding — Specifies how the two paries will communicate in term of transport and encoding and protocols