Silverlight
This topic describes how to authenticate the end users of your Silverlight-based ASP.NET Web site when you want to create a rich user log-in experience by using the full graphical power of Silverlight, instead of relying on an HTML-based mechanism, such as the ASP.NET Login Control. You can do this by using the ASP.NET Authentication service. For information about using this service, see ASP.NET Authentication Service Overview.
To use the ASP.NET Authentication service, you must have an ASP.NET site with Forms Authentication being accessed through a Silverlight application that is hosted on a Secure Sockets Layer-enabled (HTTPS) server. There are two requirements:
Secure Sockets Layer (SSL) is required because users must be able to verify the identity of your Silverlight application before trusting it with their passwords. Therefore, it is important to host XAP packages of Silverlight applications that accept passwords from SSL-enabled sites (https:// addresses), just like regular Web pages that accept passwords.
The Authentication service itself must be hosted with SSL to protect the user’s credentials when they travel over the wire.
In Solution Explorer, right-click the service project and select Add, then New Item, and select the Silverlight-enabled WCF Service template from the Silverlight category. Call it Authentication.svc in the Name box and click Add.
Delete the Authentication.svc.cs file. ASP.NET provides a built-in implementation for this service, so no code is required for this service.
Replace the contents of Authentication.svc with the following code.
<%@ ServiceHost Language="C#" Service="System.Web.ApplicationServices.AuthenticationService" %>
This directive accesses the AuthenticationService class, which contains the built-in Authentication service implementation provided by ASP.NET.
Ensure that the Authentication service is turned on by setting the enabled attribute of the
<authenticationService> element in the configuration to true.
<authenticationService> element in the configuration to true.
<system.web.extensions>
<scripting>
<webServices>
<authenticationService enabled="true"
requireSSL = "true"/>
</webServices>
</scripting>
</system.web.extensions>
Note that for debugging purposes, the requireSSL attribute can be set to false, but you must switch it back to true before going to production.
In the Web.config file, set both the name attribute of the <service> element and the contract attribute of the service <endpoint> element to System.Web.ApplicationServices.AuthenticationService.
<service name="System.Web.ApplicationServices.AuthenticationService">
<endpoint address=""
binding="customBinding"
bindingConfiguration="WebApplication2.Authentication.customBinding0"
contract="System.Web.ApplicationServices.AuthenticationService" />
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
Change the <httpTransport /> element to the <httpsTransport /> element in the <customBinding> section.
<customBinding>
<binding name=" WebApplication2.Authentication.customBinding0">
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
Now you are ready to host the service. Because the service is hosted over HTTPS, you will not be able to host it in Visual Studio. You will need to deploy the Web application to IIS. Do this on the Web tab of the Web application properties.
Note:
IIS must also be configured to support an HTTP-based binding.
To log in to the service with the Silverlight application
Use Add Service Reference or Slsvcutil.exe in your Silverlight application to add a reference to Authentication.svc. See How to: Access a Service from Silverlight for instructions on how to use the Add Service Reference Tool.
Add any other services you need for your application (for example, MyService.svc) as described in How to: Host a Secure Service in ASP.NET for Silverlight Applications.
In your Silverlight application, use code similar to the following code to log in.
var proxy = new AuthenticationServiceClient();
proxy.LoginCompleted += new EventHandler<LoginCompletedEventArgs>(proxy_LoginCompleted);
proxy.LoginAsync(userNameTextBox.Text, passwordTextBox.Text, null, false);
// Event handler:
void proxy_LoginCompleted(object sender, LoginCompletedEventArgs e)
{
if (e.Error == null)
{
// Log in successful, you now have an authentication cookie
// and can call other services.
}
}
After the login is successful, you can call the other secure services you have added (for example, MyService.svc). No additional authentication code is required to access these services.
You may be using the ClientHttp networking stack to propagate SOAP Faults to the client or for other reasons. For more information about reasons for using the networking stack based on the client operating system instead of the default browser networking stack, see How to: Make Requests to HTTP-Based Services. For more information about how to opt into the client networking stack, see How to: Specify Browser or Client HTTP Handling.
If you are using the client networking stack, cookies will not automatically be carried over between the Authentication service proxy and your service proxy. Some extra steps are needed to ensure that the authentication cookie returned by the Authentication service is used by your service proxy. Normally, if using the default BrowserHttp networking stack, the Web browser performs this automatically.
To enable WCF to give you access to the underlying cookie store that each proxy uses, add the <httpCookieContainer> binding element to the <binding> of <customBinding> (Silverlight) section above the <httpsTransport> element.
Read more: MSDN