Sharing ASPNET security


G

Gerhard

I have a .net 2.0 web site and a .net 4.0 Silverlight Business application
(that uses RIA Services) that I would like to share ASPNET security so I can
go back and forth without having to log in a second time. How can I do this?

This is a second post on this as the first never showed up in search.
 
Ad

Advertisements

J

Jerry Weng

Hello Gerhard,
Thank you for posting.
From your post, my understanding on this issue is: you want to use ASP.NET
security in your Silverlight application. If I'm off base, please feel free
to let me know.

If we want to use ASP.NET Authentication in Silverlight applications, we
need to create an ASP.NET Application Service. ASP.NET application services
are built-in Web services that provide access to features such as forms
authentication, roles, and profile properties. An important feature of
ASP.NET application services is that they are available to a variety of
client applications, not just ASP.NET Web applications. ASP.NET application
services are available to any client that is based on the .NET Framework.
In addition, any client application that can send and receive messages in
SOAP format can use ASP.NET application services. For more details about
ASP.NET Application Service, please refer to this document:

ASP.NET Application Services Overview
http://msdn.microsoft.com/en-us/library/bb547119.aspx

Here is a demo on MSDN which talked about how to use the ASP.NET
Authentication Service to log in through silverlight applications.

How to: Use the ASP.NET Authentication Service to Log In Through
Silverlight Applications
http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx

If you want to use Windows Authentication for the Silverlight Applications,
here is the demo.

How to: Use Windows Authentication to Secure a Service for Silverlight
Applications
http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx

We can authenticate a user or check whether the current user is
authenticated by customing the service logic. By the way, the
authentication logic should always be done on the service side, since
hackers can invoke your service using their own client. Client side
authentication is optional, it can be used to create a better user
experience.

Please let me know the information above so that I can provider further
assistance on this problem. I am looking forward to your reply.

--
Sincerely,
Jerry Weng
Microsoft Online Community Support

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

With newsgroups, MSDN subscribers enjoy unlimited, free support as opposed
to the limited number of phone-based technical support incidents. Complex
issues or server-down situations are not recommended for the newsgroups.
Issues of this nature are best handled working with a Microsoft Support
Engineer using one of your phone-based incidents.
==================================================
--------------------
| Thread-Topic: Sharing ASPNET security
| thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
| X-WBNR-Posting-Host: 216.117.194.109
| From: Gerhard <[email protected]>
| Subject: Sharing ASPNET security
| Date: Wed, 28 Jul 2010 06:53:23 -0700
| Lines: 5
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:88
| NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| I have a .net 2.0 web site and a .net 4.0 Silverlight Business
application
| (that uses RIA Services) that I would like to share ASPNET security so I
can
| go back and forth without having to log in a second time. How can I do
this?
|
| This is a second post on this as the first never showed up in search.
|
 
G

Gerhard

Thanks.

Using it in Silverlight is already working, as it is in the web site. What
I need to be able to do is share the security between the two, so I can call
a Silverlight page (.net 4.0) in the from the Web site (.net 2.0) without
having to login again.

If you can show me how to do this, it would be a great help.

Thanks.
 
J

Jerry Weng

Hello Gerhard,

I think it is easy to handle that. But we need to create a web service to
make a bridge. Let me explain it.

Condition 1:
1, the SilverLight application should be deployed on one page in the
ASP.NET web application. Ensure they can share the same session.
2, user login on the ASP.NET web application first. The Silverlight
application does not need to be authenticated again.
3, need a WCF service, or a common web service to execute some code like
"HttpContext.Current" to get the user information on the current session.
If returns null, it means the user does not be authenticated, or send back
the current user infomation.

Condition 2:
1, the SilverLight application should be deployed on one page in the
ASP.NET web application. Ensure they can share the same session.
2, user login on the Silverlight appliation first. The ASP.NET web
application does not need to be authenticated again.
3, also need a WCF service, or a common web service. We could post the
username and password to the service and make it authenticated there.

--
Sincerely,
Jerry Weng
Microsoft Online Community Support
--------------------
| Thread-Topic: Sharing ASPNET security
| thread-index: AcsytgNWukoQUcfxQ06wYJ3yuOHqJw==
| X-WBNR-Posting-Host: 216.117.194.109
| From: Gerhard <[email protected]>
| References: <[email protected]>
<re[email protected]>
| Subject: RE: Sharing ASPNET security
| Date: Mon, 2 Aug 2010 19:46:03 -0700
| Lines: 110
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:103
| NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Thanks.
|
| Using it in Silverlight is already working, as it is in the web site.
What
| I need to be able to do is share the security between the two, so I can
call
| a Silverlight page (.net 4.0) in the from the Web site (.net 2.0) without
| having to login again.
|
| If you can show me how to do this, it would be a great help.
|
| Thanks.
|
| "Jerry Weng" wrote:
|
| > Hello Gerhard,
| > Thank you for posting.
| > From your post, my understanding on this issue is: you want to use
ASP.NET
| > security in your Silverlight application. If I'm off base, please feel
free
| > to let me know.
| >
| > If we want to use ASP.NET Authentication in Silverlight applications,
we
| > need to create an ASP.NET Application Service. ASP.NET application
services
| > are built-in Web services that provide access to features such as forms
| > authentication, roles, and profile properties. An important feature of
| > ASP.NET application services is that they are available to a variety of
| > client applications, not just ASP.NET Web applications. ASP.NET
application
| > services are available to any client that is based on the .NET
Framework.
| > In addition, any client application that can send and receive messages
in
| > SOAP format can use ASP.NET application services. For more details
about
| > ASP.NET Application Service, please refer to this document:
| >
| > ASP.NET Application Services Overview
| > http://msdn.microsoft.com/en-us/library/bb547119.aspx
| >
| > Here is a demo on MSDN which talked about how to use the ASP.NET
| > Authentication Service to log in through silverlight applications.
| >
| > How to: Use the ASP.NET Authentication Service to Log In Through
| > Silverlight Applications
| > http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx
| >
| > If you want to use Windows Authentication for the Silverlight
Applications,
| > here is the demo.
| >
| > How to: Use Windows Authentication to Secure a Service for Silverlight
| > Applications
| > http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx
| >
| > We can authenticate a user or check whether the current user is
| > authenticated by customing the service logic. By the way, the
| > authentication logic should always be done on the service side, since
| > hackers can invoke your service using their own client. Client side
| > authentication is optional, it can be used to create a better user
| > experience.
| >
| > Please let me know the information above so that I can provider further
| > assistance on this problem. I am looking forward to your reply.
| >
| > --
| > Sincerely,
| > Jerry Weng
| > Microsoft Online Community Support
| >
| > ==================================================
| > Get notification to my posts through email? Please refer to
| >
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
| > ications.
| >
| > With newsgroups, MSDN subscribers enjoy unlimited, free support as
opposed
| > to the limited number of phone-based technical support incidents.
Complex
| > issues or server-down situations are not recommended for the
newsgroups.
| > Issues of this nature are best handled working with a Microsoft Support
| > Engineer using one of your phone-based incidents.
| > ==================================================
| > --------------------
| > | Thread-Topic: Sharing ASPNET security
| > | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
| > | X-WBNR-Posting-Host: 216.117.194.109
| > | From: Gerhard <[email protected]>
| > | Subject: Sharing ASPNET security
| > | Date: Wed, 28 Jul 2010 06:53:23 -0700
| > | Lines: 5
| > | Message-ID: <[email protected]>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| > | Path: TK2MSFTNGHUB02.phx.gbl
| > | Xref: TK2MSFTNGHUB02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet.security:88
| > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| > |
| > | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
| > application
| > | (that uses RIA Services) that I would like to share ASPNET security
so I
| > can
| > | go back and forth without having to log in a second time. How can I
do
| > this?
| > |
| > | This is a second post on this as the first never showed up in search.
| > |
| >
| > .
| >
|
 
Ad

Advertisements

J

Jerry Weng

Hello Gerhard,

Have you try my suggestion? If that not work, please feel free to reply
here.

--
Sincerely,
Jerry Weng
Microsoft Online Community Support
--------------------
| Thread-Topic: Sharing ASPNET security
| thread-index: AcszfhGXvRZFC9whRra1zXnZGMxOmg==
| X-WBNR-Posting-Host: 216.117.194.109
| From: Gerhard <[email protected]>
| References: <[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
| Subject: RE: Sharing ASPNET security
| Date: Tue, 3 Aug 2010 19:38:06 -0700
| Lines: 189
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:108
| NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Thanks. I'll give this a try, and let you know if I have any questions.
|
| "Jerry Weng" wrote:
|
| > Hello Gerhard,
| >
| > I think it is easy to handle that. But we need to create a web service
to
| > make a bridge. Let me explain it.
| >
| > Condition 1:
| > 1, the SilverLight application should be deployed on one page in the
| > ASP.NET web application. Ensure they can share the same session.
| > 2, user login on the ASP.NET web application first. The Silverlight
| > application does not need to be authenticated again.
| > 3, need a WCF service, or a common web service to execute some code
like
| > "HttpContext.Current" to get the user information on the current
session.
| > If returns null, it means the user does not be authenticated, or send
back
| > the current user infomation.
| >
| > Condition 2:
| > 1, the SilverLight application should be deployed on one page in the
| > ASP.NET web application. Ensure they can share the same session.
| > 2, user login on the Silverlight appliation first. The ASP.NET web
| > application does not need to be authenticated again.
| > 3, also need a WCF service, or a common web service. We could post the
| > username and password to the service and make it authenticated there.
| >
| > --
| > Sincerely,
| > Jerry Weng
| > Microsoft Online Community Support
| > --------------------
| > | Thread-Topic: Sharing ASPNET security
| > | thread-index: AcsytgNWukoQUcfxQ06wYJ3yuOHqJw==
| > | X-WBNR-Posting-Host: 216.117.194.109
| > | From: Gerhard <[email protected]>
| > | References: <[email protected]>
| > <[email protected]>
| > | Subject: RE: Sharing ASPNET security
| > | Date: Mon, 2 Aug 2010 19:46:03 -0700
| > | Lines: 110
| > | Message-ID: <[email protected]>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| > | Path: TK2MSFTNGHUB02.phx.gbl
| > | Xref: TK2MSFTNGHUB02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet.security:103
| > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| > |
| > | Thanks.
| > |
| > | Using it in Silverlight is already working, as it is in the web site.

| > What
| > | I need to be able to do is share the security between the two, so I
can
| > call
| > | a Silverlight page (.net 4.0) in the from the Web site (.net 2.0)
without
| > | having to login again.
| > |
| > | If you can show me how to do this, it would be a great help.
| > |
| > | Thanks.
| > |
| > | "Jerry Weng" wrote:
| > |
| > | > Hello Gerhard,
| > | > Thank you for posting.
| > | > From your post, my understanding on this issue is: you want to use
| > ASP.NET
| > | > security in your Silverlight application. If I'm off base, please
feel
| > free
| > | > to let me know.
| > | >
| > | > If we want to use ASP.NET Authentication in Silverlight
applications,
| > we
| > | > need to create an ASP.NET Application Service. ASP.NET application
| > services
| > | > are built-in Web services that provide access to features such as
forms
| > | > authentication, roles, and profile properties. An important feature
of
| > | > ASP.NET application services is that they are available to a
variety of
| > | > client applications, not just ASP.NET Web applications. ASP.NET
| > application
| > | > services are available to any client that is based on the .NET
| > Framework.
| > | > In addition, any client application that can send and receive
messages
| > in
| > | > SOAP format can use ASP.NET application services. For more details
| > about
| > | > ASP.NET Application Service, please refer to this document:
| > | >
| > | > ASP.NET Application Services Overview
| > | > http://msdn.microsoft.com/en-us/library/bb547119.aspx
| > | >
| > | > Here is a demo on MSDN which talked about how to use the ASP.NET
| > | > Authentication Service to log in through silverlight applications.
| > | >
| > | > How to: Use the ASP.NET Authentication Service to Log In Through
| > | > Silverlight Applications
| > | > http://msdn.microsoft.com/en-us/library/dd560704(VS.95).aspx
| > | >
| > | > If you want to use Windows Authentication for the Silverlight
| > Applications,
| > | > here is the demo.
| > | >
| > | > How to: Use Windows Authentication to Secure a Service for
Silverlight
| > | > Applications
| > | > http://msdn.microsoft.com/en-us/library/dd744835(VS.95).aspx
| > | >
| > | > We can authenticate a user or check whether the current user is
| > | > authenticated by customing the service logic. By the way, the
| > | > authentication logic should always be done on the service side,
since
| > | > hackers can invoke your service using their own client. Client side
| > | > authentication is optional, it can be used to create a better user
| > | > experience.
| > | >
| > | > Please let me know the information above so that I can provider
further
| > | > assistance on this problem. I am looking forward to your reply.
| > | >
| > | > --
| > | > Sincerely,
| > | > Jerry Weng
| > | > Microsoft Online Community Support
| > | >
| > | > ==================================================
| > | > Get notification to my posts through email? Please refer to
| > | >
| >
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
| > | > ications.
| > | >
| > | > With newsgroups, MSDN subscribers enjoy unlimited, free support as
| > opposed
| > | > to the limited number of phone-based technical support incidents.
| > Complex
| > | > issues or server-down situations are not recommended for the
| > newsgroups.
| > | > Issues of this nature are best handled working with a Microsoft
Support
| > | > Engineer using one of your phone-based incidents.
| > | > ==================================================
| > | > --------------------
| > | > | Thread-Topic: Sharing ASPNET security
| > | > | thread-index: AcsuXD8FR62XCnroR6eJDu0zoHUL1A==
| > | > | X-WBNR-Posting-Host: 216.117.194.109
| > | > | From: Gerhard <[email protected]>
| > | > | Subject: Sharing ASPNET security
| > | > | Date: Wed, 28 Jul 2010 06:53:23 -0700
| > | > | Lines: 5
| > | > | Message-ID: <[email protected]>
| > | > | MIME-Version: 1.0
| > | > | Content-Type: text/plain;
| > | > | charset="Utf-8"
| > | > | Content-Transfer-Encoding: 7bit
| > | > | X-Newsreader: Microsoft CDO for Windows 2000
| > | > | Content-Class: urn:content-classes:message
| > | > | Importance: normal
| > | > | Priority: normal
| > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
| > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| > | > | Path: TK2MSFTNGHUB02.phx.gbl
| > | > | Xref: TK2MSFTNGHUB02.phx.gbl
| > | > microsoft.public.dotnet.framework.aspnet.security:88
| > | > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| > | > |
| > | > | I have a .net 2.0 web site and a .net 4.0 Silverlight Business
| > | > application
| > | > | (that uses RIA Services) that I would like to share ASPNET
security
| > so I
| > | > can
| > | > | go back and forth without having to log in a second time. How
can I
| > do
| > | > this?
| > | > |
| > | > | This is a second post on this as the first never showed up in
search.
| > | > |
| > | >
| > | > .
| > | >
| > |
| >
| > .
| >
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top