views:

1535

answers:

1

I have an existing working WPF Application in which I have implemented my own custom authentication to a backend WCF service. When I access this service from WPF, setup the ServiceProxy as follows:

proxy.ClientCredentials.UserName.UserName = "test";
proxy.ClientCredentials.UserName.Password = "pass";

and because I'm using HTTPS the uid/pwd is secure.

In Silverlight 2 there is no .ClientCredentials object on the proxy. The only option I've found is to add two string parameters to EVERY WCF Exposed method for Uid/Pwd. That sounds like insanity to me, there MUST be a better way, no?

+4  A: 

Unfortunately Silverlight 2 only supports basicHttpBinding which means it doesn't support ClientCredentials.

The 2 options you have are: 1. As you mentioned passing the username and pass with each request. 2. using asp.net authentication and enable asp.net compatability mode in your services.

-- N.B TransportSecurityWithMessageCredentials I mention below didn't seem to make the cut for SL3 so only options are the 2 above for both SL2 and SL3

Silverlight 3 improves on this story with TransportSecurityWithMessageCredentials and you can find out more about this on the Silverlight Web Services Team blog (Would link to it but apparently as I'm a new user I'm not allowed0

HTH

Andy Britcliffe
Do you have a link to using asp.net authentication through silverlight 2?Does Transport SecurityWithmessageCredentials provide roughly the same thing as ClientCredentials in WPF?
Nate Bross
For asp.net compat mode essentially all you need to do is decorate your wcf classes with [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]You then get access to HttpContext which means you can access the User properties populated by the asp.net membership. Helpful link I found was http://blogs.msdn.com/brada/archive/2008/05/03/accessing-the-asp-net-authentication-profile-and-role-service-in-silverlight.aspxCan't comment on the similarities for TransportSecurityWithMessageCredentials as not had a chance to play with it yet. HTH
Andy Britcliffe