SYS-CON Media
 Early-Bird Savings!
 
AJAXWorld Diamond Sponsor
AJAXWorld Platinum Sponsors
AJAXWorld Gold Sponsors
AJAXWorld Silver Sponsors
AJAXWorld Exhibitors
AJAXWorld Media Sponsors
Goingtomeet.com Conference Directory
 
Association Sponsor
2006 Sponsors
 
Can't Miss RSS Feed
Subscribe to the AJAXWorld.com RSS Feed & Get All The Conference News As It Happens!

3 Rockin' Days of AJAX: March 19-21, 2007 New York City


Accessing the ASP.NET Authentication, Profile and Role Service in Silverlight
How to access the WCF application services from a directly from the Silverlight client

In ASP.NET 2.0, we introduced a very powerful set of application services in ASP.NET (Membership, Roles and profile).  In 3.5 we created a client library for accessing them from Ajax and .NET Clients and exposed them via WCF web services.    For more information on the base level ASP.NET appservices that this walk through is based on, please see Stefan Schackow's excellent book Professional ASP.NET 2.0 Security, Membership, and Role Management.

In this tutorial I will walk you through how to access the WCF application services from a directly from the Silverlight client.  This works super well if you have a site that is already using the ASP.NET application services and you just need to access them from a Silverlight client.   (Special thanks to Helen for a good chunk of this implantation)

Here is what I plan to show:

1. Login\Logout
2. Save personalization settings
3. Enable custom UI based on a user's role (for example, manager or employee)
4. A custom log-in control to make the UI a bit cleaner

image

 

You can download the completed sample solution

Part I: Login\Logout
In VS, do File\New select the Silverlight solution.  Let's call it "ApplicationServicesDemo".

image

 

We will need both the client side Silverlight project and the ASP.NET serverside project.

image

 

Let's configure our system with the test users.  To do this we will use the ASP.NET Configuration Manager.  In VS, under the Website menu, select "ASP.NET Configuration". Use this application to add a couple of users.  I created two employees:

ID:manager
password:manager!
and
ID:employee
password:employee!

image

 

To expose the ASP.NET Authentication system, let's add a new WCF service.  Because we are just going to point this at the default one that ships with ASP.NET, we don't need any code behind, so the easiest thing to do is to add a new Text File.  In the ASP.NET website, Add New Item, select Text File  and call it "AuthenticationService.svc"

image

 

Add this one line as the contents of the file.  This wires it up to the implementation that ships as part of ASP.NET.

<%@ ServiceHost Language="C#" 
Service
="System.Web.
ApplicationServices.AuthenticationService"
%>

Now in Web.config, we need to add the WCF magic to turn the service on.

  <system.serviceModel>
    <services>
      <!-- this enables the 
WCF AuthenticationService endpoint
--> <service name=
"System.Web.ApplicationServices
.AuthenticationService
" behaviorConfiguration=
"AuthenticationService
TypeBehaviors
"> <endpoint contract=
"System.Web.ApplicationServices.
AuthenticationService
" binding="basicHttpBinding"
bindingConfiguration
="userHttp" bindingNamespace=
"http://asp.net/ApplicationServices/v200"/> </service> </services> <bindings> <basicHttpBinding> <binding name="userHttp"> <!-- this is for demo only.
Https/Transport security is recommended
--> <security mode="None"/> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name=
"AuthenticationServiceTypeBehaviors"> <serviceMetadata httpGetEnabled="true"/> </behavior> </serviceBehaviors> </behaviors> <!-- this is needed since this service is
only supported with HTTP protocol
--> <serviceHostingEnvironment
aspNetCompatibilityEnabled
="true"/> </system.serviceModel>

Now, still in Web.config, we need to enable forms authentication.  Under the <system.web> change the authentication mode from "Windows" to "Forms".

<authentication mode="Forms" />

One last change to web.config, we need to enable authentication to be exposed via the web service.This is done by adding a System.Web.Extensions section.

  <system.web.extensions>
    <scripting>
      <webServices>
        <authenticationService enabled=
"true" requireSSL="false"/> </webServices> </scripting> </system.web.extensions>

 

Now, to consume this authentication service in Silverlight, let's open the page.xaml file and add some initial UI. Just buttons to log "employee" and "manager"  in and a textblock to show some status.

    <Grid x:Name="LayoutRoot" 
Background
="White"> <StackPanel> <Button x:Name="employeeLogIn" Width="100" Height="50" Content="Log In Employee" Click="employeeLogIn_Click"></Button> <Button x:Name="managerLogIn" Width="100" Height="50" Content="Log In Manager" Click="managerLogIn_Click"></Button> <TextBlock x:Name="statusText"></TextBlock> </StackPanel> </Grid>



Now, let's add a reference to the service we just created

Right click on the Silverlight project and select Add Service Reference

image

 

Click Discover and set the namespace to "AuthenticationService"

image

 

If you get an error at this point, it is likely something wrong with your AuthenticationService.svc or the web config, go back and double check those.

Now, let's write a little code to call that service to log us in.  First add the right using statement

using ApplicationServicesDemo.AuthenticationServices;

Then, in employeeLogIn_Click method write the code to call the service to log the employee in.  For now, we will hard code the name in password, but by the end we will be prompting the user to get this data.

First we create a the web services client class, then we call the login method asynchronously.  Remember all network calls in Silverlight are async, otherwise we'd lock up the whole browser.  Finally we sign up for the callback.

private void employeeLogIn_Click
(object sender, RoutedEventArgs e) { AuthenticationServiceClient client =
new
AuthenticationServiceClient(); client.LoginAsync("employee", "employee!", "
"
, true, "employee"); client.LoginCompleted +=
new EventHandler
<LoginCompletedEventArgs>(client_LoginCompleted); }

In the callback, for now, let's just set our status.

void client_LoginCompleted
(object sender, LoginCompletedEventArgs e) { if (e.Error != null) statusText.Text =
e.Error.ToString(); else statusText.Text = e.UserState +
" logged In result:" + e.Result;

}

Run it!  You should see a good status.  Try changing the password and ID, and see the status change to false.  It is working.

image

 

Now do the same thing for manager and you are set!

private void managerLogIn_Click
(object sender, RoutedEventArgs e) { AuthenticationServiceClient client =
new
AuthenticationServiceClient(); client.LoginCompleted +=
new
EventHandler
<LoginCompletedEventArgs>
(client_LoginCompleted); client.LoginAsync("manager",
"manager!", "", true, "manager"); }
Next Page - Part 2: Save Personalization Settings

About Brad Abrams
Brad Abrams is currently the Group Program Manager for the UI Framework and Services team at Microsoft which is responsible for delivering the developer platform that spans both client and web based applications, as well as the common services that are available to all applications. Specific technologies owned by this team include ASP.NET, Atlas and Windows Forms. He was a founding member of both the Common Language Runtime, and .NET Framework teams.

Brad has been designing parts of the .NET Framework since 1998 when he started his framework design career building the BCL (Base Class Library) that ships as a core part of the .NET Framework. He was also the lead editor on the Common Language Specification (CLS), the .NET Framework Design Guidelines, the libraries in the ECMA\ISO CLI Standard, and has been deeply involved with the WinFX and Windows Vista efforts from their beginning.

He co-authored Programming in the .NET Environment, and was editor on .NET Framework Standard Library Annotated Reference Vol 1 and Vol 2 and the Framework Design Guidelines.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Hey Brad,

Great Post.....

Thanks...

This is great! Been looking forward to seeing more AJAX with Silverlight and this is right up my alley. Now that I know how it works... do you think there's a version out there with advanced escaping or is this security sound across the board?
**************
Nico del Castillo
Microsoft Security Outreach Team
www.microsoft.com/hellosecureworld7


Latest AJAXWorld RIA Stories
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even cod...
The National Cyber Security Awareness Month is transitory, but many of the decisions we have made around the adoption of technology within our personal and business have brought with them risks that will stay with us for a while. A good example of this is the deployment and proli...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structu...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is no...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Busin...
Untitled Document

Call 201 802-3020 or Click Here to Save $100!

Save $100

Sponsorship Opportunities
AJAXWorld offers the undisputed best platform to position your company as a leading vendor in the fast-emerging marketplace for AJAX and Web 2.0.


Please call
(201)802-3020

Don't Miss the Laszlo Track
On March 20, 2007 New York City's Roosevelt Hotel will host SYS-CON Events' first "Laszlo Track" about Next-Generation Web Application Development!
Learn Laszlo in sessions including: Inside the U.S. Air Force: How AJAX Is Improving Communications and Quality of Life, Creating the Cinematic User Experience, Real-World AJAX Success Stories, Introducing Laszlo Webtop, OpenLaszlo and AJAX and Hands-On Open Laszlo training!

Brought To You By:

AJAXWorld Magazine is the pre-eminent independent vendor-neutral resource for the fastest growing new segment of the software business: entirely Web-based applications and experiences.
Download the Premier Issue!
Download the Premier 2007 Issue!
Web 2.0 Journal is the world's only completely Web 2.0-focused resource, read and written by some of the world's top analysts, IT executives, rich-media developers, A-bloggers and activists.

AJAXWorld Webcasts



AJAXWorld Sessions on SYS-CON.TV

· Bill Scott - Yahoo! UI Library
· David Heinemeier Hansson - AJAX on Rails
· Jesse James Garrett - Elements of User Experience
· Dion Hinchcliffe - Real World AJAX
· Eric Miraglia - Open Source AJAX Development
· Paul Rademacher - Mashing Up Your Web Application
· Adam Sah - Google Gadgets
· Doug Crockford - An Introduction to JavaScript
· David Linthicum - Enterprise Web 2.0
· Patrick Grady - The Imagination & Experience Web

AJAXWorld...All The AJAX Rock Stars in One Spot!


2007 Conference Speakers Include


TEMKIN
Laszlo Systems

COENRAETS
Adobe

WOLF
Cynergy

CRUPI
JackBe

SAH
Google

ANDREWS
Evans Data

CROCKFORD
Yahoo!

WEI
Nexaweb

MURRY
Sun

ABRAMS
Microsoft

HINCHCLIFF
AWM

HOFFMAN
SPI Dynamics

HAKMAN
TIBCO

BOYD
Blue Whale Labs

KING
Hibernate

CHARLAND
Nitobi

AJAXWorld University Developer Bootcamp

On March 19, 2007 - New York City, AJAXWorld University's "AJAX Developer Bootcamp" will be an intensive, one-day hands-on training program that will teach Web developers and designers how to build high-quality AJAX applications from beginning to end. Held the day before the AJAXWorld Conference & Expo begins, the Bootcamp is intended to be the premier AJAX instructional program presently available anywhere.
view the full one-day schedule

Flex Bootcamp

March 18, 2007 the "Adobe Flex  Developer Bootcamp" is an intensive, one-day hands-on training program that will teach Web developers and designers how to build Rich Internet Application using Adobe Flex. During this day attendees will  create two fully functional applications.  Pre-requisites: working knowledge of any object-oriented programming language. This workshop will be  taught by Flex experts from Farata Systems – Yakov Fain and Dr. Victor Rasputnis, co-authors of the book Developing RIA with Adobe Flex and Java.  If you want to jump-start your new Flex project, this workshop is as good as it gets.
view the full one-day schedule


Past Events Archive

Real-World AJAX Seminar
www.ajaxseminar.com
Ruby on Rails Seminar
www.rubyonrailsseminar.com
Real-World Flex Seminar
www.flexseminar.com
Other SYS-CON Events
events.sys-con.com
Who Should Attend?
  • Web Programmers and Designers
  • Technology Evangelists
  • Senior Architects
  • Project Managers
  • User Interface Architects
  • Web Consultants
  • C-Level Execs and Developers Who Need to Stay in Front of the Latest Web Technology!

Video Coverage of the AJAXWorld 2006 Panels

SYS-CON TV Power Panel: Web-Oriented Architecture: SOA + The Web + REST
SYS-CON TV Power Panel: Redefining RIAs: Does AJAX Push the Browser Too Far
SYS-CON TV Power Panel: AJAXWorld 2006 CEO Power Panel
SYS-CON TV Power Panel: The FrameworkWars: Lightweight vs Heavyweight

Join Over 3,600 Early AJAX Adopters
Who Have Attended AJAXWorld
• A&R Edelman
• Academic Enterprise
• Accoona Corp [2 delegates]
• Acxiom
• Adams Capital Management
• Adaptive Edge
• Adaptive Path
• Adobe Systems Incorporated [21 delegates]
• Adobe Systems Romania
• Ajax13
• All Risks, Ltd.
• alliance
• Alliance For Community Care
• AlphaDetail Inc
• Altera Corporation
• Amazon.com [6 delegates]
• Appeon Corporation [2 delegates]
• Apple Computer [5 delegates]
• Apress [3 delegates]
• Arkivio
• ASA
• Astute Solutions
• Avaya Inc [2 delegates]
• Avenda Systems
• Avenue A | Razorfish [3 delegates]
• Axcella, LLC [2 delegates]
• Aximsoft
• Azimyth
• Backbase USA Inc. [4 delegates]
• BAE Systems [2 delegates]
• Bank of America [2 delegates]
• Barkley Evergreen & Partners Interactive
• Bayview Financial [2 delegates]
• BEA Systems [3 delegates]
• Billeo
• BMC Software, Inc. [2 delegates]
• Borland Software Corporation
• Bradford Technologies, Inc [2 delegates]
• Brilliance
• Brocade Communications Systems, Inc. [2 delegates]
• Brookside Capital LLC
• Brulant
• Bungee Labs, Inc [6 delegates]
• Bureau of Labor Statistics
• BUZ Interactive
• Cadena Software
• Calix Networks
• Callidus Software [2 delegates]
• Cambia Security
• Carnegie Mellon West
• Cautella, Inc.
• CBSA
• Celequest [3 delegates]
• Change Vision, Inc.
• Charles E. Kenney, CPA
• Charles Schwab & Co., Inc. [8 delegates]

   read more...


ADVERTISE   |   MAGAZINE SUBSCRIPTIONS   |   FREE BREAKING-NEWSLETTERS!   |   SYS-CON.TV   |   BLOG-N-PLAY!   |   WEBCAST   |   EDUCATION   |   RESEARCH

.NET Developer's Journal - .NETDJ   |   ColdFusion Developer's Journal - CFDJ   |   Eclipse Developer's Journal - EDJ   |   Enterprise Open Source Magazine - EOS
Open Web Developer's Journal - OPEN WEB   |   iPhone Developer's Journal - iPHONE   |   Virtualization - Virtualization   |   Java Developer's Journal - JDJ   |   Linux.SYS-CON.com
PowerBuilder Developer's Journal - PBDJ   |   SEO / SEM Journal - SJ   |   SOAWorld Magazine - SOAWM   |   IT Solutions Guide - ITSG   |   Symbian Developer's Journal - SDJ
WebLogic Developer's Journal - WLDJ   |   WebSphere Journal - WJ   |   Wireless Business & Technology - WBT   |   XML-Journal - XMLJ   |   Internet Video - iTV
Flex Developer's Journal - Flex   |   AJAXWorld Magazine - AWM   |   Silverlight Developer's Journal - SLDJ   |   PHP.SYS-CON.com   |   Web 2.0 Journal - WEB2

SYS-CON MEDIA:   ABOUT US   |   CONTACT US   |   COMPANY NEWS   |   CAREERS   |   SITE MAP
SYS-CON EVENTS  |  AJAXWorld Conference & Expo  |  iPhone Developer Summit  |  OpenWeb Developer Summit  |  SOA World Conference & Expo  |  Virtualization Conference & Expo
INTERNATIONAL SITES:   India  |  U.K.  |  Canada  |  Germany  |  France  |  Australia  |  Italy  |  Spain  |  Netherlands  |  Brazil  |  Belgium
 Terms of Use & Our Privacy Statement     About Newsfeeds / Video Feeds
Copyright ©1994-2008 SYS-CON Publications, Inc. All Rights Reserved. All marks are trademarks of SYS-CON Media.
Reproduction in whole or in part in any form or medium without express written permission of SYS-CON Publications, Inc. is prohibited.