The Azure ServiceBus Access Control Service was updated on July 1, 2010 with a very nice surprise: it has policy files in place for Silverlight and Flash! A week ago, I had written some code that redirected authentication requests and so on so that my Silverlight code could authenticate against the ACS. Today, I saw a post that the service had been updated. So, I went ahead and tried it out:
Silverlight: https://%5Byour service].accesscontrol.windows.net/crossdomain.xml
Flash: https://%5Byour service].accesscontrol.windows.net/clientaccesspolicy.xml
Note that both of these are policies that allow ANYONE to send messages to the ACS.
crossdomain.xml has this in the body:
<allow-access-from domain="*" secure="true" />
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="true" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
I’d like to see options via the SDK or the admin UI that allow me to turn on global access or per website access. This is something I would change rarely, so the min-bar for me would be something on the Azure web site that allows me to manage the crossdomain.xml contents. I’ve already posted something to the forums and will be interested to see what happens next.