authentication - Silverlight Design Question -
I am going to develop an application for work, and I am trying to decide that Silverlight Business App Whether or not to use Asp or Net Web App My manager has worried about display and download time, if I created the entire application as Silverlight app, with authentication. I have been playing with some tutorials in the past few weeks trying to get a perspective on my situation and have come up with a design question which is more experienced than me.
Is it possible to use an ASP.Net application and embed the Silverlight application in only one of those pages, which will be used within a folder, which is configured with role authority has gone? And if so, it would be possible to obtain the user credentials of the client Silverlight app without passing them through intpram.
I understand that I can set up authentication to "use cookies", so I was thinking that I can get a cookie on the client and hopefully if the user is certified then its Confirming property will be available.
>Besides, will it be a risky exercise? Thanks for any advice and direction.
There are some approaches you can take. While I know that you do not want to expose credentials in init params, you can generate a "ticket" (claim-based authentication) for credentials, and a ticket in the init parameter (for example, a GUID) when If the Silverlight application launches, it will use the ticket, it will probably validate it via a secure web service call, and the ticket will no longer be valid, even if someone has cheated it or the source Be seen, it can not be used.
A lot depends on your architecture. For example, if you are using role-based authentication, and most business logic and / or decisions are based on web service calls, then web service can use HttpContext.Current.Identity to validate the user. . Even if a person opens the Silverlight application, a service call may fail until they are properly certified. Otherwise, I would like to go to the ticket, hence the Silverlight Trust user is valid (you can create a service which accepts the grid and gives information about the role) or log in with the Silverlight user (you have A service is front authentication system and then returns a ticket and / or role information).
If you decide to use WCF RIA, then it becomes more interesting to see these examples for back-in authentication:
Comments
Post a Comment