Hello Wei,
After a week of playing with Secured Map services and Silverlight applications I have now successfully running applications that use the proxy.ashx and proxy.config.
The applications were developed with VS 2008, Silverlight 3, and Silverlight API 1.2 - working with the proxy page.
I used the VS 2010 conversion wizard to convert the applications to Silverlight 4 ( .Net framework 3.5, and Silverlight API 1.2) - the applications are still working, properly using the proxy.ashx. I did not upgrade to Silverlight API 2 beta, because I didn't want to add more problems at this point, so this could be the reason of your issue.
I am not sure what kind of security you are using, but here is what you might watch out for if you are using Windows Authentication (you probably already know this, but just a little review):
- in your proxy.config make sure you add the username, password, and domain, because this is the account that is used by the proxy to authenticate the request to the map service; If you don't specify these, you will get either 401 Unauthorized or 403 Forbidden (can't recall which one). Just debug the proxy.ashx to see where it breaks, and to make sure the request actually go through it. Because I didn't want to add this username ( I want the currently logged in user to access the map services) I added a few lines of code in the proxy.ashx file to pass the default credentials to webRequest_401.
- if you have alias name for the web server, add another serverItem just in case you have used the alias when adding you layer on the map control;
- make sure you specify the ProxyURL attribute for your layers, QueryTasks, IdentifyTasks...;
- in IIS manager uncheck the Anonnymous user in Directory Security for that website;
- make sure you have the correct settings in web.config in the authentication and identity tags.
Hope this helps!
Good Luck!
Darina