tags:

views:

36

answers:

3

I want to implement windows Authentication in silver light, How to do that ?

A: 

As far as I know it's not possible to use Windows Authentication "directly" in Silverlight (at least with a self-hosted WCF service -maybe with IIS there is some support?).

An acceptable way to accomplish this in my opinion is to pass username/password to your server and there you query the Active Directory using an LDAP library. Make sure to use SSL for your service calls otherwise the credentials will travel in clear over the wire.

Francesco De Vittori
A: 

You can implement your logic in an RIA service which allows you to use form and windows based authentication.

vc 74
can u explain little bit more i know how to do it by using asp.net but i need it on silverlight application for out of box.
Jeevan Bhatt
+1  A: 

There is a workaround if you are hosting your Silverlight application in an ASP.NET page.

  1. Make sure that your website (hosting the Silverlight .xap and ASPX page) has Windows Integration security enabled, and anonymous access disabled.

  2. Add the following to your list:

    <param name="initParams" value="myCustomParam1=Foo,userId=<% System.Security.Principal.WindowsPrincipal p = System.Threading.Thread.CurrentPrincipal as System.Security.Principal.WindowsPrincipal; Response.Write(p.Identity.Name); %>" />

This will pass your username pulled from ASP.NET into your Silverlight application.

  1. Add this line to your App.xaml.cs page, in the Application_Startup method:

    // Take parameters and store them in application resources
    if (e.InitParams != null)
    {
        foreach (var data in e.InitParams)
        {
            this.Resources.Add(data.Key, data.Value);
        }
    }
    
  2. Once you have the above steps in place, you can access your value from page code behind using the following:

    App.Current.Resources["userId"].ToString();

  3. Also, as an alternative, if you run your application on an Intranet, and run it in out-of-browser mode with elevated security, this is all much easier. You can access the Windows API using this:

    if (Application.Current.HasElevatedPermissions) { using (dynamic wshNetwork = AutomationFactory.CreateObject("WScript.Network")) { return (wshNetwork.UserName); } }

enforge
I will also add that there is a security risk in this approach. A very savvy user can create a copy of your html page (complete with the required javascript libraries and all) and modify the ASPX page so that they are hard-coding credentials (of another user). In most Intranet scenarios this requires a certain amount of knowledge and should not be an issue. If your application needs to be bullet-proof, you may want to investigate adding the security at a lower level (i.e. using out-of-browser mode with elevated permissions and leveraging the Windows API).
enforge