Hi all, I have a silverlight application with classic User Login process.My problem is that when I listening the browser with Fiddler application,i see request uris clearly which means:
myriaserviceurl/binary/?username=asd&password=12345
this isnt secure isnt it?
Do RIA Services have an encryption? How can i encrypt data between client and server?
Thx your answers.
Their is packet and transport encryption - as you are using HTTP - I think you need transport to avoid the URL being seen. In Silverlight, that means SSL
But then again, I'm still getting my footing on all this... :)
You need to setup SSL in your hosting site, then change the Authentication Domain Service's attribute like following.
[EnableClientAccess(RequiresSecureEndpoint = true)]
public class AuthenticationService : AuthenticationBase<User> { }
With that attribute, any client accessing that service will access it over HTTPS. If the hosting site doesn't have HTTPS enabled, i.e. SSL is not set up, then clients would not be able to access it.
The hard part is setting up SSL for your hosting site, but it isn't too hard.
You can follow this link for further explanation.
All i understand,this is impossible without SSL :( thank you friends