none
10013: An attempt was made to access socket in a way forbidden by its access permissions

    Question

  • Hello,

    SL4 application is generating the error "10013: An attempt was made to access socket in a way forbidden by its access permissions" when intranet website is browsing from a computer that is not registered in Active Directory.

    Scenario:

    1. Web site on IIS 7.0 using asp.net 3.5 and forms authentication. Windows Server 2008
    2. Silverlight 4.0 release on net.tcp
    3. Services in a self-hosting, developed as a Windows Services, listening port 4520

    Registered in active directory domain with the same domain user computers are working properly, but if you enter a guest computer (not registered in Active Directory) to the network, generates the following error:

    Message: Unhandled Error in Silverlight Application Could not connect to net.tcp://pruebasserver:4520/Cnt.Panacea.Wcf.Parametrizacion.SeguridadServicio. The connection attempt lasted for a time span of 00:00:14.4608272. TCP error code 10013: An attempt was made to access a socket in a way forbidden by its access permissions.. This could be due to attempting to access a service in a cross-domain way while the service is not configured for cross-domain access. You may need to contact the owner of the service to expose a sockets cross-domain policy over HTTP and host the service in the allowed sockets port range 4502-4534.   en Cnt.Std.Xap.CntApplication.ctx_ListarTokenCompleted(Object sender, ListarTokenCompletedEventArgs arg)
       en Cnt.Std.Xap.Parametros.SeguridadServicioClient.OnListarTokenCompleted(Object state)

    The clientaccesspolicy.xml file content:

    <?xml version="1.0" encoding="utf-8"?>

    <access-policy>

      <cross-domain-access>

        <policy>

          <allow-from http-request-headers="*">

            <domain uri="*" />

          </allow-from>

          <grant-to>

            <resource path="/" include-subpaths="true" />

            <socket-resource port="4502-4530" protocol="tcp" />

          </grant-to>

        </policy>

      </cross-domain-access>

    </access-policy>

     

    We want to know if we should definitely discard the use of the net.tcp or it is a problem in the IIS configuration.

    Thanks.

    Saturday, October 02, 2010 3:03 PM

Answers

  • Hi,

    Do you enable the wcf windows authentication? Besides, it 10013 may also caused by firewall or proxy, you may contract your network administrator to check if the proxy/firewall require the windows credential.

    Thanks,

    Monday, October 04, 2010 11:45 PM
  • I want to assure you that our network there was a conflict between the DNS domain and an ISA Server. Our network administrator adjusted platform and this error was fixed without changing anything in our application.

    Thanks

    Jaimir G.

    Wednesday, October 20, 2010 8:04 PM

All replies

  • Hi,

    Do you enable the wcf windows authentication? Besides, it 10013 may also caused by firewall or proxy, you may contract your network administrator to check if the proxy/firewall require the windows credential.

    Thanks,

    Monday, October 04, 2010 11:45 PM
  • Hi,

    Thanks for your answers; I need work with my network administrator. I will write in the future confirming if this is the cause of the problem.

    Tuesday, October 05, 2010 12:56 PM
  • I want to assure you that our network there was a conflict between the DNS domain and an ISA Server. Our network administrator adjusted platform and this error was fixed without changing anything in our application.

    Thanks

    Jaimir G.

    Wednesday, October 20, 2010 8:04 PM