Custom UserNamePasswordValidator with Silverlight 3.0 | ansaurus

tags:

views:

266

answers:

1

Q:

Custom UserNamePasswordValidator with Silverlight 3.0

I have implemented a WCF service that uses a TransportWithMessageCredential binding and a custom UserNamePasswordValidator.

I have a Silverlight 3 client connecting to this service. If I set valid credentials it works perfect, however, in the username validator I throw a SecurityTokenException if the username and password does not match.

Now I have implemented a dummy service call just to verify the credentials, is there a "nicer" way of checking the credentials. A service method that accept username and password and returns true/false doesn't feel safe.

A:

I think you're going about security in the wrong way. there are builtin methods for dealing with this. Look up "Membership Providers". Ex:

http://blogs.msdn.com/brada/archive/2008/05/03/accessing-the-asp-net-authentication-profile-and-role-service-in-silverlight.aspx

vidalsasoon 2010-01-17 13:31:40

Doesn't that require the client to do a forms-authentication (or Windows)? In the SL case that is not a problem, but I will have other clients too (e.g. iPhone), that will not authenticate via a web-application. Is it possible to authenticate a caller through web-service calls only, a membership provider could be interesting.

Fredrik Jansson 2010-01-17 16:43:04

the link i posted uses a pure WCF authentication service.the client can be anything as long as it supports SOAP web services. look for "AuthenticationService" in the article.

vidalsasoon 2010-01-18 00:49:29

related questions

Silverlight DataBinding cross thread issue

Suggestions for migrating ASP.net app from 1.1 forward

Clone a control in silverlight

How to track if browser is Silverlight enabled

Image cropping C# without .net library

Large File Download

Image processing in Silverlight 2

ASP.NET vs. Silverlight

XAML - Accessing static fields

What's the best way to display a video with rounded corners in Silverlight?

How to do crossdomain calls from Silverlight?

Databind RenderTransform Scaling in Silverlight 2 Beta 2

Custom Attribute Binding in Silverlight

What is the purpose of the 'AppManifest.xaml' file in Silverlight applications?

Silverlight programatic access to Sony RZ30N Video Feed

Silverlight vs Flex

Version detection with Silverlight

What's your top feature request for Silverlight?

How do I update my UI from within HttpWebRequest.BeginGetRequestStream in Silverlight

Upload binary data with Silverlight 2b2

In silverlight, how to you attach a changeEvent handler to an inherited dependency property?

What is the easiest way to add compression to WCF in Silverlight?

What is the value-binding syntax in xaml?

Using SQLite with Visual Studio 2008 and Silverlight

Hiding inherited members in C#