Sharing ASPNET security

Discussion in 'ASP .Net Security' started by Gerhard, Jul 28, 2010.

  1. Gerhard

    Gerhard Guest

    I have a .net 2.0 web site and a .net 4.0 Silverlight Business application
    (that uses RIA Services) that I would like to share ASPNET security so I can
    go back and forth without having to log in a second time. How can I do this?

    This is a second post on this as the first never showed up in search.
     
    Gerhard, Jul 28, 2010
    #1
    1. Advertising

  2. Gerhard

    Gerhard Guest

    Cancel this. The original showed up. Was a search issue on the site.

    "Gerhard" wrote:

    > I have a .net 2.0 web site and a .net 4.0 Silverlight Business application
    > (that uses RIA Services) that I would like to share ASPNET security so I can
    > go back and forth without having to log in a second time. How can I do this?
    >
    > This is a second post on this as the first never showed up in search.
     
    Gerhard, Jul 28, 2010
    #2
    1. Advertising

  3. Gerhard

    Jerry Weng Guest

    Hello Gerhard,
    Thank you for posting.
    From your post, my understanding on this issue is: you want to use ASP.NET
    security in your Silverlight application. If I'm off base, please feel free
    to let me know.

    If we want to use ASP.NET Authentication in Silverlight applications, we
    need to create an ASP.NET Application Service. ASP.NET application services
    are built-in Web services that provide access to features such as forms
    authentication, roles, and profile properties. An important feature of
    ASP.NET application services is that they are available to a variety of
    client applications, not just ASP.NET Web applications. ASP.NET application
    services are available to any client that is based on the .NET Framework.
    In addition, any client application that can send and receive messages in
    SOAP format can use ASP.NET application services. For more details about
    ASP.NET Application Service, please refer to this document:

    ASP.NET Application Services Overview
    http://msdn.microsoft.com/en-us/library/bb547119.aspx

    Here is a demo on MSDN which talked about how to use the ASP.NET
    Authentication Service to log in through silverlight applications.

    How to: Use the ASP.NET Authentication Service to Log In Through
    Silverlight Applications
    http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx

    If you want to use Windows Authentication for the Silverlight Applications,
    here is the demo.

    How to: Use Windows Authentication to Secure a Service for Silverlight
    Applications
    http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx

    We can authenticate a user or check whether the current user is
    authenticated by customing the service logic. By the way, the
    authentication logic should always be done on the service side, since
    hackers can invoke your service using their own client. Client side
    authentication is optional, it can be used to create a better user
    experience.

    Please let me know the information above so that I can provider further
    assistance on this problem. I am looking forward to your reply.

    --
    Sincerely,
    Jerry Weng
    Microsoft Online Community Support

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    ications.

    With newsgroups, MSDN subscribers enjoy unlimited, free support as opposed
    to the limited number of phone-based technical support incidents. Complex
    issues or server-down situations are not recommended for the newsgroups.
    Issues of this nature are best handled working with a Microsoft Support
    Engineer using one of your phone-based incidents.
    ==================================================
    --------------------
    | Thread-Topic: Sharing ASPNET security
    | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
    | X-WBNR-Posting-Host: 216.117.194.109
    | From: Gerhard <>
    | Subject: Sharing ASPNET security
    | Date: Wed, 28 Jul 2010 06:53:23 -0700
    | Lines: 5
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    | Path: TK2MSFTNGHUB02.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl
    microsoft.public.dotnet.framework.aspnet.security:88
    | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    |
    | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
    application
    | (that uses RIA Services) that I would like to share ASPNET security so I
    can
    | go back and forth without having to log in a second time. How can I do
    this?
    |
    | This is a second post on this as the first never showed up in search.
    |
     
    Jerry Weng, Jul 29, 2010
    #3
  4. Gerhard

    Gerhard Guest

    Thanks.

    Using it in Silverlight is already working, as it is in the web site. What
    I need to be able to do is share the security between the two, so I can call
    a Silverlight page (.net 4.0) in the from the Web site (.net 2.0) without
    having to login again.

    If you can show me how to do this, it would be a great help.

    Thanks.

    "Jerry Weng" wrote:

    > Hello Gerhard,
    > Thank you for posting.
    > From your post, my understanding on this issue is: you want to use ASP.NET
    > security in your Silverlight application. If I'm off base, please feel free
    > to let me know.
    >
    > If we want to use ASP.NET Authentication in Silverlight applications, we
    > need to create an ASP.NET Application Service. ASP.NET application services
    > are built-in Web services that provide access to features such as forms
    > authentication, roles, and profile properties. An important feature of
    > ASP.NET application services is that they are available to a variety of
    > client applications, not just ASP.NET Web applications. ASP.NET application
    > services are available to any client that is based on the .NET Framework.
    > In addition, any client application that can send and receive messages in
    > SOAP format can use ASP.NET application services. For more details about
    > ASP.NET Application Service, please refer to this document:
    >
    > ASP.NET Application Services Overview
    > http://msdn.microsoft.com/en-us/library/bb547119.aspx
    >
    > Here is a demo on MSDN which talked about how to use the ASP.NET
    > Authentication Service to log in through silverlight applications.
    >
    > How to: Use the ASP.NET Authentication Service to Log In Through
    > Silverlight Applications
    > http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx
    >
    > If you want to use Windows Authentication for the Silverlight Applications,
    > here is the demo.
    >
    > How to: Use Windows Authentication to Secure a Service for Silverlight
    > Applications
    > http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx
    >
    > We can authenticate a user or check whether the current user is
    > authenticated by customing the service logic. By the way, the
    > authentication logic should always be done on the service side, since
    > hackers can invoke your service using their own client. Client side
    > authentication is optional, it can be used to create a better user
    > experience.
    >
    > Please let me know the information above so that I can provider further
    > assistance on this problem. I am looking forward to your reply.
    >
    > --
    > Sincerely,
    > Jerry Weng
    > Microsoft Online Community Support
    >
    > ==================================================
    > Get notification to my posts through email? Please refer to
    > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    > ications.
    >
    > With newsgroups, MSDN subscribers enjoy unlimited, free support as opposed
    > to the limited number of phone-based technical support incidents. Complex
    > issues or server-down situations are not recommended for the newsgroups.
    > Issues of this nature are best handled working with a Microsoft Support
    > Engineer using one of your phone-based incidents.
    > ==================================================
    > --------------------
    > | Thread-Topic: Sharing ASPNET security
    > | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
    > | X-WBNR-Posting-Host: 216.117.194.109
    > | From: Gerhard <>
    > | Subject: Sharing ASPNET security
    > | Date: Wed, 28 Jul 2010 06:53:23 -0700
    > | Lines: 5
    > | Message-ID: <>
    > | MIME-Version: 1.0
    > | Content-Type: text/plain;
    > | charset="Utf-8"
    > | Content-Transfer-Encoding: 7bit
    > | X-Newsreader: Microsoft CDO for Windows 2000
    > | Content-Class: urn:content-classes:message
    > | Importance: normal
    > | Priority: normal
    > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    > | Path: TK2MSFTNGHUB02.phx.gbl
    > | Xref: TK2MSFTNGHUB02.phx.gbl
    > microsoft.public.dotnet.framework.aspnet.security:88
    > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    > |
    > | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
    > application
    > | (that uses RIA Services) that I would like to share ASPNET security so I
    > can
    > | go back and forth without having to log in a second time. How can I do
    > this?
    > |
    > | This is a second post on this as the first never showed up in search.
    > |
    >
    > .
    >
     
    Gerhard, Aug 3, 2010
    #4
  5. Gerhard

    Jerry Weng Guest

    Hello Gerhard,

    I think it is easy to handle that. But we need to create a web service to
    make a bridge. Let me explain it.

    Condition 1:
    1, the SilverLight application should be deployed on one page in the
    ASP.NET web application. Ensure they can share the same session.
    2, user login on the ASP.NET web application first. The Silverlight
    application does not need to be authenticated again.
    3, need a WCF service, or a common web service to execute some code like
    "HttpContext.Current" to get the user information on the current session.
    If returns null, it means the user does not be authenticated, or send back
    the current user infomation.

    Condition 2:
    1, the SilverLight application should be deployed on one page in the
    ASP.NET web application. Ensure they can share the same session.
    2, user login on the Silverlight appliation first. The ASP.NET web
    application does not need to be authenticated again.
    3, also need a WCF service, or a common web service. We could post the
    username and password to the service and make it authenticated there.

    --
    Sincerely,
    Jerry Weng
    Microsoft Online Community Support
    --------------------
    | Thread-Topic: Sharing ASPNET security
    | thread-index: AcsytgNWukoQUcfxQ06wYJ3yuOHqJw==
    | X-WBNR-Posting-Host: 216.117.194.109
    | From: Gerhard <>
    | References: <>
    <reu$>
    | Subject: RE: Sharing ASPNET security
    | Date: Mon, 2 Aug 2010 19:46:03 -0700
    | Lines: 110
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    | Path: TK2MSFTNGHUB02.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl
    microsoft.public.dotnet.framework.aspnet.security:103
    | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    |
    | Thanks.
    |
    | Using it in Silverlight is already working, as it is in the web site.
    What
    | I need to be able to do is share the security between the two, so I can
    call
    | a Silverlight page (.net 4.0) in the from the Web site (.net 2.0) without
    | having to login again.
    |
    | If you can show me how to do this, it would be a great help.
    |
    | Thanks.
    |
    | "Jerry Weng" wrote:
    |
    | > Hello Gerhard,
    | > Thank you for posting.
    | > From your post, my understanding on this issue is: you want to use
    ASP.NET
    | > security in your Silverlight application. If I'm off base, please feel
    free
    | > to let me know.
    | >
    | > If we want to use ASP.NET Authentication in Silverlight applications,
    we
    | > need to create an ASP.NET Application Service. ASP.NET application
    services
    | > are built-in Web services that provide access to features such as forms
    | > authentication, roles, and profile properties. An important feature of
    | > ASP.NET application services is that they are available to a variety of
    | > client applications, not just ASP.NET Web applications. ASP.NET
    application
    | > services are available to any client that is based on the .NET
    Framework.
    | > In addition, any client application that can send and receive messages
    in
    | > SOAP format can use ASP.NET application services. For more details
    about
    | > ASP.NET Application Service, please refer to this document:
    | >
    | > ASP.NET Application Services Overview
    | > http://msdn.microsoft.com/en-us/library/bb547119.aspx
    | >
    | > Here is a demo on MSDN which talked about how to use the ASP.NET
    | > Authentication Service to log in through silverlight applications.
    | >
    | > How to: Use the ASP.NET Authentication Service to Log In Through
    | > Silverlight Applications
    | > http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx
    | >
    | > If you want to use Windows Authentication for the Silverlight
    Applications,
    | > here is the demo.
    | >
    | > How to: Use Windows Authentication to Secure a Service for Silverlight
    | > Applications
    | > http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx
    | >
    | > We can authenticate a user or check whether the current user is
    | > authenticated by customing the service logic. By the way, the
    | > authentication logic should always be done on the service side, since
    | > hackers can invoke your service using their own client. Client side
    | > authentication is optional, it can be used to create a better user
    | > experience.
    | >
    | > Please let me know the information above so that I can provider further
    | > assistance on this problem. I am looking forward to your reply.
    | >
    | > --
    | > Sincerely,
    | > Jerry Weng
    | > Microsoft Online Community Support
    | >
    | > ==================================================
    | > Get notification to my posts through email? Please refer to
    | >
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    | > ications.
    | >
    | > With newsgroups, MSDN subscribers enjoy unlimited, free support as
    opposed
    | > to the limited number of phone-based technical support incidents.
    Complex
    | > issues or server-down situations are not recommended for the
    newsgroups.
    | > Issues of this nature are best handled working with a Microsoft Support
    | > Engineer using one of your phone-based incidents.
    | > ==================================================
    | > --------------------
    | > | Thread-Topic: Sharing ASPNET security
    | > | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
    | > | X-WBNR-Posting-Host: 216.117.194.109
    | > | From: Gerhard <>
    | > | Subject: Sharing ASPNET security
    | > | Date: Wed, 28 Jul 2010 06:53:23 -0700
    | > | Lines: 5
    | > | Message-ID: <>
    | > | MIME-Version: 1.0
    | > | Content-Type: text/plain;
    | > | charset="Utf-8"
    | > | Content-Transfer-Encoding: 7bit
    | > | X-Newsreader: Microsoft CDO for Windows 2000
    | > | Content-Class: urn:content-classes:message
    | > | Importance: normal
    | > | Priority: normal
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    | > | Path: TK2MSFTNGHUB02.phx.gbl
    | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > microsoft.public.dotnet.framework.aspnet.security:88
    | > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    | > |
    | > | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
    | > application
    | > | (that uses RIA Services) that I would like to share ASPNET security
    so I
    | > can
    | > | go back and forth without having to log in a second time. How can I
    do
    | > this?
    | > |
    | > | This is a second post on this as the first never showed up in search.
    | > |
    | >
    | > .
    | >
    |
     
    Jerry Weng, Aug 4, 2010
    #5
  6. Gerhard

    Gerhard Guest

    Thanks. I'll give this a try, and let you know if I have any questions.

    "Jerry Weng" wrote:

    > Hello Gerhard,
    >
    > I think it is easy to handle that. But we need to create a web service to
    > make a bridge. Let me explain it.
    >
    > Condition 1:
    > 1, the SilverLight application should be deployed on one page in the
    > ASP.NET web application. Ensure they can share the same session.
    > 2, user login on the ASP.NET web application first. The Silverlight
    > application does not need to be authenticated again.
    > 3, need a WCF service, or a common web service to execute some code like
    > "HttpContext.Current" to get the user information on the current session.
    > If returns null, it means the user does not be authenticated, or send back
    > the current user infomation.
    >
    > Condition 2:
    > 1, the SilverLight application should be deployed on one page in the
    > ASP.NET web application. Ensure they can share the same session.
    > 2, user login on the Silverlight appliation first. The ASP.NET web
    > application does not need to be authenticated again.
    > 3, also need a WCF service, or a common web service. We could post the
    > username and password to the service and make it authenticated there.
    >
    > --
    > Sincerely,
    > Jerry Weng
    > Microsoft Online Community Support
    > --------------------
    > | Thread-Topic: Sharing ASPNET security
    > | thread-index: AcsytgNWukoQUcfxQ06wYJ3yuOHqJw==
    > | X-WBNR-Posting-Host: 216.117.194.109
    > | From: Gerhard <>
    > | References: <>
    > <reu$>
    > | Subject: RE: Sharing ASPNET security
    > | Date: Mon, 2 Aug 2010 19:46:03 -0700
    > | Lines: 110
    > | Message-ID: <>
    > | MIME-Version: 1.0
    > | Content-Type: text/plain;
    > | charset="Utf-8"
    > | Content-Transfer-Encoding: 7bit
    > | X-Newsreader: Microsoft CDO for Windows 2000
    > | Content-Class: urn:content-classes:message
    > | Importance: normal
    > | Priority: normal
    > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    > | Path: TK2MSFTNGHUB02.phx.gbl
    > | Xref: TK2MSFTNGHUB02.phx.gbl
    > microsoft.public.dotnet.framework.aspnet.security:103
    > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    > |
    > | Thanks.
    > |
    > | Using it in Silverlight is already working, as it is in the web site.
    > What
    > | I need to be able to do is share the security between the two, so I can
    > call
    > | a Silverlight page (.net 4.0) in the from the Web site (.net 2.0) without
    > | having to login again.
    > |
    > | If you can show me how to do this, it would be a great help.
    > |
    > | Thanks.
    > |
    > | "Jerry Weng" wrote:
    > |
    > | > Hello Gerhard,
    > | > Thank you for posting.
    > | > From your post, my understanding on this issue is: you want to use
    > ASP.NET
    > | > security in your Silverlight application. If I'm off base, please feel
    > free
    > | > to let me know.
    > | >
    > | > If we want to use ASP.NET Authentication in Silverlight applications,
    > we
    > | > need to create an ASP.NET Application Service. ASP.NET application
    > services
    > | > are built-in Web services that provide access to features such as forms
    > | > authentication, roles, and profile properties. An important feature of
    > | > ASP.NET application services is that they are available to a variety of
    > | > client applications, not just ASP.NET Web applications. ASP.NET
    > application
    > | > services are available to any client that is based on the .NET
    > Framework.
    > | > In addition, any client application that can send and receive messages
    > in
    > | > SOAP format can use ASP.NET application services. For more details
    > about
    > | > ASP.NET Application Service, please refer to this document:
    > | >
    > | > ASP.NET Application Services Overview
    > | > http://msdn.microsoft.com/en-us/library/bb547119.aspx
    > | >
    > | > Here is a demo on MSDN which talked about how to use the ASP.NET
    > | > Authentication Service to log in through silverlight applications.
    > | >
    > | > How to: Use the ASP.NET Authentication Service to Log In Through
    > | > Silverlight Applications
    > | > http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx
    > | >
    > | > If you want to use Windows Authentication for the Silverlight
    > Applications,
    > | > here is the demo.
    > | >
    > | > How to: Use Windows Authentication to Secure a Service for Silverlight
    > | > Applications
    > | > http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx
    > | >
    > | > We can authenticate a user or check whether the current user is
    > | > authenticated by customing the service logic. By the way, the
    > | > authentication logic should always be done on the service side, since
    > | > hackers can invoke your service using their own client. Client side
    > | > authentication is optional, it can be used to create a better user
    > | > experience.
    > | >
    > | > Please let me know the information above so that I can provider further
    > | > assistance on this problem. I am looking forward to your reply.
    > | >
    > | > --
    > | > Sincerely,
    > | > Jerry Weng
    > | > Microsoft Online Community Support
    > | >
    > | > ==================================================
    > | > Get notification to my posts through email? Please refer to
    > | >
    > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    > | > ications.
    > | >
    > | > With newsgroups, MSDN subscribers enjoy unlimited, free support as
    > opposed
    > | > to the limited number of phone-based technical support incidents.
    > Complex
    > | > issues or server-down situations are not recommended for the
    > newsgroups.
    > | > Issues of this nature are best handled working with a Microsoft Support
    > | > Engineer using one of your phone-based incidents.
    > | > ==================================================
    > | > --------------------
    > | > | Thread-Topic: Sharing ASPNET security
    > | > | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
    > | > | X-WBNR-Posting-Host: 216.117.194.109
    > | > | From: Gerhard <>
    > | > | Subject: Sharing ASPNET security
    > | > | Date: Wed, 28 Jul 2010 06:53:23 -0700
    > | > | Lines: 5
    > | > | Message-ID: <>
    > | > | MIME-Version: 1.0
    > | > | Content-Type: text/plain;
    > | > | charset="Utf-8"
    > | > | Content-Transfer-Encoding: 7bit
    > | > | X-Newsreader: Microsoft CDO for Windows 2000
    > | > | Content-Class: urn:content-classes:message
    > | > | Importance: normal
    > | > | Priority: normal
    > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    > | > | Path: TK2MSFTNGHUB02.phx.gbl
    > | > | Xref: TK2MSFTNGHUB02.phx.gbl
    > | > microsoft.public.dotnet.framework.aspnet.security:88
    > | > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    > | > |
    > | > | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
    > | > application
    > | > | (that uses RIA Services) that I would like to share ASPNET security
    > so I
    > | > can
    > | > | go back and forth without having to log in a second time. How can I
    > do
    > | > this?
    > | > |
    > | > | This is a second post on this as the first never showed up in search.
    > | > |
    > | >
    > | > .
    > | >
    > |
    >
    > .
    >
     
    Gerhard, Aug 4, 2010
    #6
  7. Gerhard

    Jerry Weng Guest

    Hello Gerhard,

    Have you try my suggestion? If that not work, please feel free to reply
    here.

    --
    Sincerely,
    Jerry Weng
    Microsoft Online Community Support
    --------------------
    | Thread-Topic: Sharing ASPNET security
    | thread-index: AcszfhGXvRZFC9whRra1zXnZGMxOmg==
    | X-WBNR-Posting-Host: 216.117.194.109
    | From: Gerhard <>
    | References: <>
    <reu$>
    <>
    <>
    | Subject: RE: Sharing ASPNET security
    | Date: Tue, 3 Aug 2010 19:38:06 -0700
    | Lines: 189
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    | Path: TK2MSFTNGHUB02.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl
    microsoft.public.dotnet.framework.aspnet.security:108
    | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    |
    | Thanks. I'll give this a try, and let you know if I have any questions.
    |
    | "Jerry Weng" wrote:
    |
    | > Hello Gerhard,
    | >
    | > I think it is easy to handle that. But we need to create a web service
    to
    | > make a bridge. Let me explain it.
    | >
    | > Condition 1:
    | > 1, the SilverLight application should be deployed on one page in the
    | > ASP.NET web application. Ensure they can share the same session.
    | > 2, user login on the ASP.NET web application first. The Silverlight
    | > application does not need to be authenticated again.
    | > 3, need a WCF service, or a common web service to execute some code
    like
    | > "HttpContext.Current" to get the user information on the current
    session.
    | > If returns null, it means the user does not be authenticated, or send
    back
    | > the current user infomation.
    | >
    | > Condition 2:
    | > 1, the SilverLight application should be deployed on one page in the
    | > ASP.NET web application. Ensure they can share the same session.
    | > 2, user login on the Silverlight appliation first. The ASP.NET web
    | > application does not need to be authenticated again.
    | > 3, also need a WCF service, or a common web service. We could post the
    | > username and password to the service and make it authenticated there.
    | >
    | > --
    | > Sincerely,
    | > Jerry Weng
    | > Microsoft Online Community Support
    | > --------------------
    | > | Thread-Topic: Sharing ASPNET security
    | > | thread-index: AcsytgNWukoQUcfxQ06wYJ3yuOHqJw==
    | > | X-WBNR-Posting-Host: 216.117.194.109
    | > | From: Gerhard <>
    | > | References: <>
    | > <reu$>
    | > | Subject: RE: Sharing ASPNET security
    | > | Date: Mon, 2 Aug 2010 19:46:03 -0700
    | > | Lines: 110
    | > | Message-ID: <>
    | > | MIME-Version: 1.0
    | > | Content-Type: text/plain;
    | > | charset="Utf-8"
    | > | Content-Transfer-Encoding: 7bit
    | > | X-Newsreader: Microsoft CDO for Windows 2000
    | > | Content-Class: urn:content-classes:message
    | > | Importance: normal
    | > | Priority: normal
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    | > | Path: TK2MSFTNGHUB02.phx.gbl
    | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > microsoft.public.dotnet.framework.aspnet.security:103
    | > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    | > |
    | > | Thanks.
    | > |
    | > | Using it in Silverlight is already working, as it is in the web site.

    | > What
    | > | I need to be able to do is share the security between the two, so I
    can
    | > call
    | > | a Silverlight page (.net 4.0) in the from the Web site (.net 2.0)
    without
    | > | having to login again.
    | > |
    | > | If you can show me how to do this, it would be a great help.
    | > |
    | > | Thanks.
    | > |
    | > | "Jerry Weng" wrote:
    | > |
    | > | > Hello Gerhard,
    | > | > Thank you for posting.
    | > | > From your post, my understanding on this issue is: you want to use
    | > ASP.NET
    | > | > security in your Silverlight application. If I'm off base, please
    feel
    | > free
    | > | > to let me know.
    | > | >
    | > | > If we want to use ASP.NET Authentication in Silverlight
    applications,
    | > we
    | > | > need to create an ASP.NET Application Service. ASP.NET application
    | > services
    | > | > are built-in Web services that provide access to features such as
    forms
    | > | > authentication, roles, and profile properties. An important feature
    of
    | > | > ASP.NET application services is that they are available to a
    variety of
    | > | > client applications, not just ASP.NET Web applications. ASP.NET
    | > application
    | > | > services are available to any client that is based on the .NET
    | > Framework.
    | > | > In addition, any client application that can send and receive
    messages
    | > in
    | > | > SOAP format can use ASP.NET application services. For more details
    | > about
    | > | > ASP.NET Application Service, please refer to this document:
    | > | >
    | > | > ASP.NET Application Services Overview
    | > | > http://msdn.microsoft.com/en-us/library/bb547119.aspx
    | > | >
    | > | > Here is a demo on MSDN which talked about how to use the ASP.NET
    | > | > Authentication Service to log in through silverlight applications.
    | > | >
    | > | > How to: Use the ASP.NET Authentication Service to Log In Through
    | > | > Silverlight Applications
    | > | > http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx
    | > | >
    | > | > If you want to use Windows Authentication for the Silverlight
    | > Applications,
    | > | > here is the demo.
    | > | >
    | > | > How to: Use Windows Authentication to Secure a Service for
    Silverlight
    | > | > Applications
    | > | > http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx
    | > | >
    | > | > We can authenticate a user or check whether the current user is
    | > | > authenticated by customing the service logic. By the way, the
    | > | > authentication logic should always be done on the service side,
    since
    | > | > hackers can invoke your service using their own client. Client side
    | > | > authentication is optional, it can be used to create a better user
    | > | > experience.
    | > | >
    | > | > Please let me know the information above so that I can provider
    further
    | > | > assistance on this problem. I am looking forward to your reply.
    | > | >
    | > | > --
    | > | > Sincerely,
    | > | > Jerry Weng
    | > | > Microsoft Online Community Support
    | > | >
    | > | > ==================================================
    | > | > Get notification to my posts through email? Please refer to
    | > | >
    | >
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    | > | > ications.
    | > | >
    | > | > With newsgroups, MSDN subscribers enjoy unlimited, free support as
    | > opposed
    | > | > to the limited number of phone-based technical support incidents.
    | > Complex
    | > | > issues or server-down situations are not recommended for the
    | > newsgroups.
    | > | > Issues of this nature are best handled working with a Microsoft
    Support
    | > | > Engineer using one of your phone-based incidents.
    | > | > ==================================================
    | > | > --------------------
    | > | > | Thread-Topic: Sharing ASPNET security
    | > | > | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
    | > | > | X-WBNR-Posting-Host: 216.117.194.109
    | > | > | From: Gerhard <>
    | > | > | Subject: Sharing ASPNET security
    | > | > | Date: Wed, 28 Jul 2010 06:53:23 -0700
    | > | > | Lines: 5
    | > | > | Message-ID: <>
    | > | > | MIME-Version: 1.0
    | > | > | Content-Type: text/plain;
    | > | > | charset="Utf-8"
    | > | > | Content-Transfer-Encoding: 7bit
    | > | > | X-Newsreader: Microsoft CDO for Windows 2000
    | > | > | Content-Class: urn:content-classes:message
    | > | > | Importance: normal
    | > | > | Priority: normal
    | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    | > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    | > | > | Path: TK2MSFTNGHUB02.phx.gbl
    | > | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > | > microsoft.public.dotnet.framework.aspnet.security:88
    | > | > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    | > | > |
    | > | > | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
    | > | > application
    | > | > | (that uses RIA Services) that I would like to share ASPNET
    security
    | > so I
    | > | > can
    | > | > | go back and forth without having to log in a second time. How
    can I
    | > do
    | > | > this?
    | > | > |
    | > | > | This is a second post on this as the first never showed up in
    search.
    | > | > |
    | > | >
    | > | > .
    | > | >
    | > |
    | >
    | > .
    | >
    |
     
    Jerry Weng, Aug 6, 2010
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gary Nelson

    Upgrade from aspnet 1.1 to aspnet 2.0

    Gary Nelson, Oct 14, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    492
    Gary Nelson
    Oct 14, 2005
  2. Replies:
    7
    Views:
    664
    Juan T. Llibre
    Mar 23, 2007
  3. Brian Schuth
    Replies:
    0
    Views:
    284
    Brian Schuth
    Sep 8, 2003
  4. John Hynes
    Replies:
    0
    Views:
    213
    John Hynes
    Dec 2, 2005
  5. Gerhard

    Sharing ASPNET security

    Gerhard, Jul 28, 2010, in forum: ASP .Net Security
    Replies:
    3
    Views:
    944
    Roy Tian [MSFT]
    Jul 30, 2010
Loading...

Share This Page