Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Silverlight 4 Authentication

Posted on 2011-04-21
15
Medium Priority
?
548 Views
Last Modified: 2013-11-12
Hi!
How do I check the User's credentials against a database table and not allow them to access other pages in the application.

1. User accesses Silverlight Application and the home page is displayed.
2. User clicks hyperlink to open another page.  
3. I check the user id that is in (a session state ??) against database
4. If the user id is not in the database.  I display a message stating that the user does not have access, contact administrator.
0
Comment
Question by:Annette Wilson, MSIS
  • 7
  • 4
12 Comments
 
LVL 8

Expert Comment

by:databoks
ID: 35445139
0
 
LVL 2

Expert Comment

by:cslimrun
ID: 35779141
It is generally an accepted solution to handle the authentication in the hosting ASP.NET application. Robust support exists there.

As for authorization there is support in silverlight 4 navigation to handle this. Look at this article:
http://www.davidpoll.com/2010/01/01/opening-up-silverlight-4-navigation-authenticationauthorization-in-an-inavigationcontentloader/
0
 

Author Comment

by:Annette Wilson, MSIS
ID: 35822862
I hope someone can help me finish.
I created a service that successfully retrieves Windows uid.
I pass the uid as a parameter to another service that brings back three fields.
I created a user base class so that I can use the data as objects

Need help with the rest
I created an authentication domain service but don't know how to take the data, Mainly EmpID and Division Pass them as parameters to check another database.

I created a Stored procedure that will return a 1 if the person exists but don't know how to return this as a means of authenticating them.

I will not have a log on screen.  If the user is not authenticated, a window will open stating that they are not authorized...etc   I will also put the attribute on the domain service [requires authentication].

Also don't know how to put [requires authentication] on the other web service.

Please see the attached file.

DraftAuthService.doc
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Expert Comment

by:cslimrun
ID: 35835210
This article describes in detail how to implement exactly what you have started:
http://msdn.microsoft.com/en-us/library/ee707361(v=VS.91).aspx

I don't understand exactly what is your sticking point.

Here are two walkthroughs that provide additional detail:
http://msdn.microsoft.com/en-us/library/ee942451(v=VS.91).aspx
http://msdn.microsoft.com/en-us/library/ee942449(v=VS.91).aspx

If you have a specific question regarding something in your implementation that is not working then please ask.
0
 

Author Comment

by:Annette Wilson, MSIS
ID: 35838424
I have followed these examples and all of them are geer toward a login screen type solution and are mostly forms based.  My requirements are a little different.

I do have a solution now that I would appreciate anyone's help with.  How would I store items returned from my service in session like variables?

1. Since my service is asp.net compatability, I saw that I was able to create session variables:
2. How do I store the items that return from my service in the local variable?
3. How do  I pass those values as parameters for another service call?

1. My variables:

Dim Variable As String = CType(HttpContext.Current.Session("VariableName"), String)
    Dim Variable As String = CType(HttpContext.Current.Session("VariableName"), String)
    Dim Variable As String = CType(HttpContext.Current.Session("VariableName"), String)

My Service Results:
                Using reader As SqlDataReader = dcmd.ExecuteReader()

                    While reader.Read()

                         list.Add(New Entity() With { _
                         .Value1 = reader("Value1").ToString(), _
                         .Value2 = reader("Value2").ToString(), _
                         .Value3 = reader("Value3").ToString() _
                               })

                    End While

                End Using
                conn.Close()
            End Using

            Return list

Open in new window

0
 

Author Comment

by:Annette Wilson, MSIS
ID: 35838506
Or even better, How can I store the results from my service in global variables withing App.XML?

IF I can accomplish this, it would be a major step toward completing my requirements.

As I pass the variable values through other service calls, the results will give me authenticated users.

I will then permit or deny access by redirecting them to an error page or to the modules within the application.
0
 

Author Comment

by:Annette Wilson, MSIS
ID: 35839630
I can even use Isolated storage....

For the service that returns values, How do I write the three values to isolated storage in my completed event?


My Service Results:
                Using reader As SqlDataReader = dcmd.ExecuteReader()

                    While reader.Read()

                         list.Add(New Entity() With { _
                         .Value1 = reader("Value1").ToString(), _
                         .Value2 = reader("Value2").ToString(), _
                         .Value3 = reader("Value3").ToString() _
                               })

                    End While

                End Using
                conn.Close()
            End Using

            Return list


Private Sub GetDataCompleted(ByVal sender As Object, ByVal e As Service.GetDataCompletedEventArgs)       
 Dim IsolatedStorageFile = IsolatedStorageFile.GetUserStoreForApplication()           
 Using stream As IsolatedStorageFileStream = file.OpenFile("app.data", System.IO.FileMode.Create)                
' write data with writer.Write                
Using writer As New StreamWriter(stream)  
 End Using
 End Using
 End Sub

Open in new window

0
 
LVL 2

Expert Comment

by:cslimrun
ID: 35841869
//Here is one way
try
{
    using (IsolatedStorageFile file = IsolatedStorageFile.GetUserStoreForSite())
    {                        
        using (IsolatedStorageFileStream stream = new IsolatedStorageFileStream(PersistID, FileMode.Create, file))
        {
            //Assume that object serializer was initialzed elsewhere
            serializer.WriteObject(stream, this);
        }
    }
}
catch (Exception ex)
{
    throw ex;
}


//Here is a simpler way
IsolatedStorageSettings.ApplicationSettings["MyKey"] = myObject;
IsolatedStorageSettings.ApplicationSettings.Save();

Open in new window

0
 

Author Comment

by:Annette Wilson, MSIS
ID: 35843022
Thank you cslimrun,
I'm beginning to put these pieces together.  I was able to store results from the service in isolated storage.  

Did a little more research and I see many ways to write to storage.  How to I read from storage so that I can pass the text as a parameter.
Dim userSettings As IsolatedStorageSettings = _
            IsolatedStorageSettings.ApplicationSettings

        userSettings.Add("KEY", e.Result)

Open in new window

0
 
LVL 2

Expert Comment

by:cslimrun
ID: 35881975
I didn't try this - but I am assuming:
userSettings["KEY"].ToString()
0
 

Accepted Solution

by:
Annette Wilson, MSIS earned 0 total points
ID: 36029497
I was able to create a custom authentication service using a web service, my databases, and isolated storage.  I will be posting an article shortly explaining the solution.
0
 

Author Closing Comment

by:Annette Wilson, MSIS
ID: 36053264
I was able to create a custom security solution.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question