• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 801
  • Last Modified:

Silverlight 4 Authentication using session variables

This code snippet provide light on implementing the same functionality for my application.  

In my implementation, I need to use the session variable to do the authentication without a log in screen.  
It looks like I can
1.  store the session values in hidden text boxes ?
2. uses the the values to check two database tables?
3. If the user is not authentication, display a message
4. update another table with the attempted login
5. disable navigation to other pages if not authenticated.

Is this possible?  If so, what steps to I take?
0
Annette Wilson, MSIS
Asked:
Annette Wilson, MSIS
  • 4
  • 2
1 Solution
 
nmarunCommented:
Here's what I understand of your question (as I don't see the code-snippet you've mentioned)

Your Silverlight application is hosted in an asp.net page. Your asp.net page has a session variable that stores if the user is authenticated or not. Based on this value you want to enable/disable some controls in your SL app.

If I'm not even close, then stop reading.

You need some kind of service (web service or WCF service or RIA service).

Here's a link that talks about using a RIA service:
http://peterkellner.net/2010/01/25/authentication-and-authorization-using-ria-services-article-7-of-7/

Thanks,
Arun
0
 
Annette Wilson, MSISAuthor Commented:
Arun,
Thank you for your response.  
I have included the code snippet from the related question.  I do understand that I need an authentication service.  Just don't know how I can get the session info and pass it to login controls so that the without the user having to perform the log in process.

using System;
using System.Collections.Generic;
 
namespace SessionDemo
{
    public static class SessionManager
    {
        private static Dictionary<string, object> session = new Dictionary<string, object>();
 
        public static Dictionary<string, object> Session
        {
            get { return SessionManager.session; }
            set { SessionManager.session = value; }
        }
    }
}
 
 
 
 
SETTING :
 
SessionManager.Session["uname"] = "kunal";
 
 
GETTING :
 
txbUname.Text = SessionManager.Session["uname"].ToString();

Open in new window


0
 
nmarunCommented:
Where is this class located - ASP.NET site or the SL application?

Arun
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
Annette Wilson, MSISAuthor Commented:
The code I posted was from another user's resolved question so I really don't know where the class should be located.  

I just stumbled upon a post that may help.  It looks like I can create a WebContext class on the client in the Silverlight application then pass information from the server to the client.

This session manager class may have to be put on the server side.    

Is it possible to tell me the steps I need to take for my scenario?
http://www.nikhilk.net/RIAServices-Authentication.aspx

First thing I have to figure out is how to configure my Silverlight Application to use the tables I have loaded in the Entity Model for authentication and timestamped login data.  How do I use the ASP.Net Configuration Manager to do this?
0
 
Annette Wilson, MSISAuthor Commented:
The requirement for this solution was that I do all of the authentication and authorization in the background and not present the user with a login screen.  

This solution custom.  

1. I used WCF Ria Web Service which allowed me to access the users identity.  
2. Because of the requirements, I used the identity to retrieve additional data regarding the department and role of the user from a database on another server.
3. I used Isolated storage to save the data (user name, ID, Department).
4. For each module within the application that the user accessed, Isolated storage was checked and the user was authorized to see the appropriate data or denied access.
0
 
Annette Wilson, MSISAuthor Commented:
Due to this company's internal requirements and governance, I could not use the normal authentication services.  Had to create a completely customized authentication and authorization solution.
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now