#1 May 31, 2008 9:43 AM

I never knew that we can introduce authentication so easily.

The videos is great, it is very well-paced!

I would love to see more videos on more advanced topics such as security or performance.

Rcommended!  

#2 June 02, 2008 6:33 PM

This video was very helpful. Thank you.

I second the comment on more advanced toics in Silverlight. One in particular that I would love to see covered is uploading files to the webserver (with upload progress indicator).

#3 June 03, 2008 2:08 PM

Hi and congrats on this video - learnt a lot from it!

Is the test project available for download somewhere?

vitya

#4 June 03, 2008 3:03 PM

Sorry, just realized where it is....

#5 June 03, 2008 5:30 PM

Hi Tim,

I couldn't find any resources on how to do the authentication if the user accounts are not "hardcoded" on the server. I have my users' data stored in SQL and (I guess) I would like to use my own authentication (forms authentication, within Silverlight). Is this at all possible? Can you point me to the right direction?

Thanks

vitya

#6 June 03, 2008 10:20 PM

Hi Tim,

Great sample and video - just what I've been after for a while.

I've put together some code and am also using the Role service - simple to add, although what I did works; just to check these 3 steps are correct and all I need:

1. Added the svc text file with Role Service referenced

<%@ ServiceHost Language="C#" Service="System.Web.ApplicationServices.RoleService" %>

2. Added the following to services in web.config

<service

      behaviorConfiguration="AuthenticationServiceTypeBehaviors"    

      name="System.Web.ApplicationServices.RoleService">

   <endpoint binding="basicHttpBinding"        

       bindingConfiguration="userHttp"  

       bindingNamespace="asp.net/.../v200"

       contract="System.Web.ApplicationServices.RoleService"/>

</service>

[Is this right?  should I reuse the bindingConfiguraton setup for membership? Anything else?  - I repeat, it does seem to work, but want to be sure I've done everything I need to]

3. Added role service to the scripting web services in web.config

<roleService enabled="true" />

I also have one more question.

>  When I login with a user having the role (admin) required for the web service call  (simple service returning string[]) all is OK, however when another user logs in a SecurityException is throw (Request for principal permission failed.) and I've not yet been able to work out how to handle it.  

It is being even if I do not attempt to call the web service from the SL control by checking roles on that side to see it if should be called or not (i.e. admin it gets called, guest it does (or should) not).

Any ideas for me?

Thanks,

Shaun

#7 June 05, 2008 9:09 PM

@vitya: this video and sample project actually uses the ASP.NET forms authentication -- maybe it isn't clear enough?  should I do another video only on ASP.NET services?

@shaun: if the role isn't met you will hit that exception, the bubbling of the event can be odd though

#8 June 13, 2008 12:01 PM

Hi Tim,

Thanks for this video,

But I'm actually trying to connect my Silverlight App to a secure WebService which is on a WebSphere Server.

In .NET, I can use Credential as following :

<Code>

System.Net.ICredentials credentials = new System.Net.NetworkCredential("myLogin", "myPassword");

_MyService.Credentials = credentials;

ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate);

public static bool ValidateServerCertificate(Object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)

{return true;}

</Code>

Do you know how I could do in Silverlight 2 Beta 2 ?

Thanks !

Eric.

#9 June 13, 2008 4:57 PM

@eric: unfortunately you cannot specify new credentials when calling a service.  We'll use the credentials already provided to the application hosting the Silverlight application.  As well right now certificate authentication is not a part of Silverlight.

#10 June 15, 2008 5:10 PM

# heuertk: On June 5, 2008 9:09 PM said:

@vitya: this video and sample project actually uses the ASP.NET forms authentication -- maybe it isn't clear enough?  should I do another video only on ASP.NET services?

Hi Tim,

what I meant was, that this sample was using "hard coded" users with forms authentication and I wanted to use something where I can keep my users separately, say in a SQL db. But don't worry, in the meantime I figured it how.

Thanks again for the video, and keep them coming!! :)

vitya