Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to make a Silverlight app use Windows authentication

Posted on 2011-09-30
4
Medium Priority
?
1,009 Views
Last Modified: 2012-05-12
I'm trying to get my first SL app to work using Windows authenticaion but I'm not having any luck. I have followed a couple of tutorials but no luck.
I have created a SL Business app and changed the following settings:
In AuthenticationServicec.cs I added RequiresSecureEndpoint
  [EnableClientAccess(RequiresSecureEndpoint = true)]
   public class AuthenticationService : AuthenticationBase<User> { }

In the web.config I changed the Authentication mode to "Windows"

When I try to run on my machine using localhost the app opens and I see authenticating... when there used to be  Login and after about 30 seconds I get an error asking me how I want to debug.
In the error box it says I'm getting An unhandled Exception code 4004
Message: ServiceModel.DomainServices.Client.DomainOperationsException

I tried to publish to my Dev IIS Server and run it from a browser and I get promted to log in but after logging in I get theerror in the SilverlightError.jpg file
Not sure where to go from here, doesn't seem like there is a lot of documentation out there on Windows authentication which really surprises me since it seems like SL is more of a LOB app than anything.
Any help will be greatly appreciated.

 

Syste.ServiceModel.DomainServices.Client.DomainOperationException:
SilverlightError.JPG
0
Comment
Question by:AkAlan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 29

Expert Comment

by:pwindell
ID: 36906356
Silverlight has never (in its history) been able to properly authenticate with a CERN Compliant Web Proxy that requires authentication.

If the Proxy happens to be ISA Server or TMG then you have the option of:

You need Silverlight to be "proxy agnostic" (to be completely unaware that the proxy exists).  The only way to do that is to remove the proxy settings from the Browser.  This will limit the client machine to running as a Firewall Client or a SecureNAT Client.  Since SecureNAT Clients are not capable of authentication,...the only option you have left is the run the machine as a Firewall Client.  The Client machine can also still run as a SecureNAT Client for non-TCP or non-UDP protocols.

If the Proxy is not ISA Server or TMG then you are pretty much screwed.  You will have to have the Proxy allow communication anonymously or you simply will not be able to run it with a proxy.

Save yourself a bunch of trouble,...run as far and as fast from Silverlight as you can.  Go with a Flash Application or a JAVA Application,...however there have been times I have seen Apps based on those have similar trouble.
0
 
LVL 6

Accepted Solution

by:
AkAlan earned 0 total points
ID: 36907008
Not sure what CERN is but I was able to get my application to authenticate.
Default web.config settings point the membership and role providers to be SQL based, not Windows. Had to change the settings like this:

<authentication mode="Windows">
      <!--<forms name=".D008_ASPXAUTH" timeout="2880" />-->
    </authentication>

      <membership defaultProvider="ADMembershipProvider">
          <providers>
              <add name="ADMembershipProvider" applicationName="/" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" connectionProtection="Secure"/>
          </providers>
      </membership>

    <roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
      <providers>
        <clear />
        <!--<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />-->
        <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
      </providers>
    </roleManager>
    <profile enabled ="false">
      <!--<providers>
        <clear />
        <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
      </providers>
      <properties>
        <add name="FriendlyName" />
      </properties>-->
    </profile>

Open in new window

0
 
LVL 6

Author Closing Comment

by:AkAlan
ID: 36935312
Was able to solve my issue with MS help.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 36910513
Ok, sounds good.

I don't remember what "CERN" stands for,...I think the "E" is European but I don't remember the rest.  But there are standards that a "web proxy" should follow and it is a reference to that.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question