Tags: | Categories: Blog Posted by admin on 9/4/2009 6:26 AM | Comments (1)

Please read the previous post from this series you can catch up.

I have received many questions about the previous post of how the proxy files actually work. I was looking how .NET RIA Service connects ASP.NET and Silverlight, I was expecting the code that I call from Silverlight using the generated proxy file to call the ASP.NET in the server, yet this is not the case, .NET RIA Service makes a complete copy of the file and compiles it under Silverlight, so all the shared code is just that, 2 different classes, one running in ASP.NET and the other running in Silverlight. That’s why you need to make sure the classes you use in ASP.NET are 3.5 compatible.

 

Authentication with .NET RIA Services.

Creating a Silverlight application and using the Checkbox to enable that project for ,NET RIA services won’t give you everything you need to use the .NET RIA Services Authentication right now, I do not know if that will change on the release version.

The concept is great, yet, .NET RIA Services is still in development and I believe they haven’t added the “Authentication Domain Service” to secure your Silverlight application with the ASP.NET security context.

For Authentication .NET RIA Service need to be a little different, as need to run on the ASP.NET, even if you call it from Silverlight. So you want to Authenticate a user from Silverlight and you add this code:

namespace SilverlightApplicationRIA
{
    public partial class MainPage : UserControl
    {
        public MainPage()
        {
            InitializeComponent();           

            RiaContext.Current.Authentication.Login("al", "pascual");
        }

    }
}

You’ll receive this error from the .NET RIA Services letting you know you need to create a Context first.

“No contexts have been added to the Application's lifetime objects. For RiaContextBase.Current to resolve correctly, add a single context to the lifetime objects.”

image

So doesn’t work out of the box, you need to configure ASP.NET with a Membership provider and enable authentication on the web.config. The fastest way is to enable Windows Authentication, then create a Domain Service, go to Add –> New Item and select “Authentication Domain Service”

image

This is where the problem starts, you won’t be able to find these item in the list. The item is missing on the lastest .NET RIA Service from July sample.

 

Using the Business Application Template for Security enable application.

So if you want Authentication in .NET RIA Services, you’ll have to create a new project instead of just linking or enabling .NET RIA Services.

Go to create a new project, select Silverlight and “Silverlight Business Application” to create a new application with many things build in for you.

image

Click to register a new user/.

image 

 

 

 

Upon registration and also login in, Silverlight talks to ASP.NET using .NET RIA Services, the biggest concern for developers is how to prevent the credentials to be seen by anybody as the client needs to send it to the server.

I added Fiddler in the middle to see the communication between the client and the server. Silverlight sends in a post sending the username and password in text.

POST /ria/ClientBin/DataService.axd/BusinessApplication1-Web-AuthenticationService/Login HTTP/1.1
Accept: */*
Content-Length: 58
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)
Host: alhome
Connection: Keep-Alive
Pragma: no-cache

userName=al&password=hellowworld3%23%23&isPersistent=False

Works the same way than in ASP.NET with a post into the server, then  is the server that checks the database and does the authentication. So the best way to secure that communication will be using SSL if you do not want to protect the credentials.

image

Credentials get stored into a File database on ASP.NET.

This template is using the Authentication context to the server

private AuthenticationService _authService = RiaContext.Current.Authentication;

 

Securing a Silverlight object using Roles in Silverlight and .NET RIA Services.

So this sample will explain using the ESRI Silverlight Map Control, coolest Silverlight control out there, how to protect using Authentication Roles a object in Silverlight.

In the Home UserControl I added the ESRI Silverlight Map and change the visibility depending on the user authentication.

public Home()
        {
            InitializeComponent();

            if (RiaContext.Current.Authentication.IsLoggingIn == true)
                MyMap.Visibility = Visibility.Visible;
            else
                MyMap.Visibility = Visibility.Collapsed;

            RiaContext.Current.Authentication.LoggedIn += new EventHandler<System.Windows.Ria.ApplicationServices.AuthenticationEventArgs>(Authentication_LoggedIn);
            RiaContext.Current.Authentication.LoggedOut += new EventHandler<System.Windows.Ria.ApplicationServices.AuthenticationEventArgs>(Authentication_LoggedOut);
        }

        void Authentication_LoggedOut(object sender, System.Windows.Ria.ApplicationServices.AuthenticationEventArgs e)
        {
            MyMap.Visibility = Visibility.Collapsed;
        }

        void Authentication_LoggedIn(object sender, System.Windows.Ria.ApplicationServices.AuthenticationEventArgs e)
        {
            MyMap.Visibility = Visibility.Visible;
        }

image

As well I register the events for login and logout to make sure I hide the map when the user logout.

You can register a username and password or use:

username: test

password: test123!

This is how .NET RIA Services shows the best way to use Role base security using Silverlight.

Download all the code here

 

Hope this helps

Cheers

Al

blog comments powered by Disqus