Silverlight 4 Authentication using session variables

Posted on 2011-05-03
Last Modified: 2013-11-12
This code snippet provide light on implementing the same functionality for my application.  

In my implementation, I need to use the session variable to do the authentication without a log in screen.  
It looks like I can
1.  store the session values in hidden text boxes ?
2. uses the the values to check two database tables?
3. If the user is not authentication, display a message
4. update another table with the attempted login
5. disable navigation to other pages if not authenticated.

Is this possible?  If so, what steps to I take?
Question by:Annette Wilson, MSIS
    LVL 27

    Expert Comment

    Here's what I understand of your question (as I don't see the code-snippet you've mentioned)

    Your Silverlight application is hosted in an page. Your page has a session variable that stores if the user is authenticated or not. Based on this value you want to enable/disable some controls in your SL app.

    If I'm not even close, then stop reading.

    You need some kind of service (web service or WCF service or RIA service).

    Here's a link that talks about using a RIA service:


    Author Comment

    by:Annette Wilson, MSIS
    Thank you for your response.  
    I have included the code snippet from the related question.  I do understand that I need an authentication service.  Just don't know how I can get the session info and pass it to login controls so that the without the user having to perform the log in process.

    using System;
    using System.Collections.Generic;
    namespace SessionDemo
        public static class SessionManager
            private static Dictionary<string, object> session = new Dictionary<string, object>();
            public static Dictionary<string, object> Session
                get { return SessionManager.session; }
                set { SessionManager.session = value; }
    SessionManager.Session["uname"] = "kunal";
    txbUname.Text = SessionManager.Session["uname"].ToString();

    Open in new window

    LVL 27

    Expert Comment

    Where is this class located - ASP.NET site or the SL application?


    Author Comment

    by:Annette Wilson, MSIS
    The code I posted was from another user's resolved question so I really don't know where the class should be located.  

    I just stumbled upon a post that may help.  It looks like I can create a WebContext class on the client in the Silverlight application then pass information from the server to the client.

    This session manager class may have to be put on the server side.    

    Is it possible to tell me the steps I need to take for my scenario?

    First thing I have to figure out is how to configure my Silverlight Application to use the tables I have loaded in the Entity Model for authentication and timestamped login data.  How do I use the ASP.Net Configuration Manager to do this?

    Accepted Solution

    The requirement for this solution was that I do all of the authentication and authorization in the background and not present the user with a login screen.  

    This solution custom.  

    1. I used WCF Ria Web Service which allowed me to access the users identity.  
    2. Because of the requirements, I used the identity to retrieve additional data regarding the department and role of the user from a database on another server.
    3. I used Isolated storage to save the data (user name, ID, Department).
    4. For each module within the application that the user accessed, Isolated storage was checked and the user was authorized to see the appropriate data or denied access.

    Author Closing Comment

    by:Annette Wilson, MSIS
    Due to this company's internal requirements and governance, I could not use the normal authentication services.  Had to create a completely customized authentication and authorization solution.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    This article surveys and compares options for encoding and decoding base64 data.  It includes source code in C++ as well as examples of how to use standard Windows API functions for these tasks. We'll look at the algorithms — how encoding and decodi…
    A theme is a collection of property settings that allow you to define the look of pages and controls, and then apply the look consistently across pages in an application. Themes can be made up of a set of elements: skins, style sheets, images, and o…
    This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA.…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now