DEV356

Integrating Security Roles into Microsoft Silverlight Applications

Dan Wahlin

Wahlin Consulting

Agenda
  • Silverlight Security Options
  • Accessing User Identity Information
  • Accessing User Roles
  • Creating a SecurityManager class
Silverlight Security Options
  • Silverlight Authentication:
    • Windows
    • Forms
    • Custom
  • Silverlight Authorization:
    • Active Directory Groups
    • Forms Roles
    • Custom Roles
Windows Authentication Options
  • Option 1: Secure page hosting Silverlight control
    • Easiest
    • User prompted
    • Silverlight app secured
  • Option 2: Secure backend services
    • Silverlight app is anonymous
    • Calls to service require credentials
    • Client HTTP stack can be used
Using the Client HTTP Stack

    // Set once in App.xaml.cs
    HttpWebRequest.RegisterPrefix("https://", WebRequestCreator.ClientHttp);
    // ...
    WebClient wc = new WebClient();
    wc.UseDefaultCredentials = false;
    wc.Credentials = new NetworkCredential("username", "password", "domain");
Agenda
  • Securing Silverlight Applications
  • Accessing User Identity Information
  • Accessing User Roles
  • Creating a SecurityManager class
Accessing a User's Credentials
  • Silverlight does not support accessing the User object directly
    • User.Identity.Name
  • Options for accessing the user name:
    • initParams (be careful!)
    • Use a service
    • WCF RIA Services
Passing the User Name with initParams
  • User Name can be passed dynamically into Silverlight using initParams

Be Careful!

Using initParams

    <!-- Hosting page: the server writes the user name into the markup sent to the browser -->
    <param name="initParams" value="UserName=<%=User.Identity.Name%>" />

    // App.xaml.cs
    private void Application_Startup(object sender, StartupEventArgs e) {
        ProcessInitParams(e.InitParams);
        this.RootVisual = new MainPage();
    }

    // Copies every initParams key/value pair into the application's resources
    void ProcessInitParams(IDictionary<string, string> initParams) {
        if (initParams != null) {
            foreach (var item in initParams) {
                this.Resources.Add(item.Key, item.Value);
            }
        }
    }

Creating a User Credentials Service
  • Create a User Credentials WCF/ASMX service:
    • Service handles returning authenticated user's information
    • No risk of a spoofed User Name as with initParams
    • Service can return additional information such as roles
    • WCF RIA Services does this out-of-the-box
Returning a User Name from a Service

    [OperationContract]
    public string GetLoggedInUserName() {
        return new SecurityRepository().GetUserName(OperationContext.Current);
    }

    public class SecurityRepository {
        // Returns the Windows account name of the authenticated caller, or null if there is none
        public string GetUserName(OperationContext opContext) {
            return (opContext.ServiceSecurityContext != null &&
                    opContext.ServiceSecurityContext.WindowsIdentity != null)
                ? opContext.ServiceSecurityContext.WindowsIdentity.Name
                : null;
        }
    }

Agenda
  • Silverlight Security Options
  • Accessing User Identity Information
  • Accessing User Roles
  • Creating a SecurityManager class
Accessing User Roles
  • Options:
    • Pass user roles into application using initParams
    • Create a security service operation that returns roles

Be Careful!

Returning Roles from a Service

    [OperationContract]
    public List<Role> GetRoles()
    {
        return new SecurityRepository().GetRoles(OperationContext.Current);
    }

    public class SecurityRepository {
        public List<Role> GetRoles(OperationContext opContext)
        {
            var userName = GetUserName(opContext);
            //Get roles from Active Directory, Database, or elsewhere
        }
    }
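One way to fill in the role lookup for Windows authentication, and the reason the service is safer than initParams: the operation takes no user name from the client and resolves roles only from the identity WCF authenticated. This is an added example, not code from the presentation; the `Role` shape, the `ISecurityService` name and the choice of Windows groups as the role source are assumptions.

```csharp
using System.Collections.Generic;
using System.Security.Principal;
using System.ServiceModel;

// Hypothetical DTO: the slides use a Role type but do not define it.
public class Role { public string Name { get; set; } }

[ServiceContract]
public interface ISecurityService {
    // Deliberately no userName parameter. A signature such as
    // GetRolesFor(string userName) would trust a value the client controls,
    // which is the same weakness as reading the name from initParams.
    [OperationContract]
    List<Role> GetRoles();
}

public class SecurityService : ISecurityService {
    public List<Role> GetRoles() {
        return new SecurityRepository().GetRoles(OperationContext.Current);
    }
}

public class SecurityRepository {
    public List<Role> GetRoles(OperationContext opContext) {
        var roles = new List<Role>();
        ServiceSecurityContext ctx =
            opContext != null ? opContext.ServiceSecurityContext : null;
        WindowsIdentity identity = ctx != null ? ctx.WindowsIdentity : null;

        // Fail closed: unauthenticated or anonymous callers get no roles.
        if (identity == null || !identity.IsAuthenticated || identity.IsAnonymous)
            return roles;

        // Assumption: roles are the caller's Windows/Active Directory groups.
        foreach (IdentityReference sid in identity.Groups) {
            try {
                roles.Add(new Role { Name = sid.Translate(typeof(NTAccount)).Value });
            } catch (IdentityNotMappedException) {
                // Group SID with no resolvable account name: skip it.
            }
        }
        return roles;
    }
}
```

The returned list tells the Silverlight client what to display; operations that change or expose data still have to check the caller's identity on the server for each call.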

Agenda
  • Silverlight Security Options
  • Accessing User Identity Information
  • Accessing User Roles
  • Creating a SecurityManager class
Creating a SecurityManager Class
  • SecurityManager class can act as client-side gateway to user credentials:
    • Accesses user credentials asynchronously
    • Determine user role(s)
    • Determine access to view
    • MVVM compliant
    • Add to ViewModel base class through aggregation
The SecurityManager Class

    // Outline of the class's members; method bodies are omitted on the slide
    [Export(typeof(ISecurityManager))]
    [PartCreationPolicy(CreationPolicy.Shared)]
    public class SecurityManager : ISecurityManager {
        public event EventHandler UserSecurityLoaded;
        public bool IsUserSecurityLoadComplete { get; set; }
        public ObservableCollection<Role> UserRoles { get; set; }
        public string UserName { get; set; }
        public bool IsAdmin { get; }
        public bool IsInUserRole { get; }
        public bool IsValidUser { get; }
        private void GetUserSecurityDetails() {}
        public bool CheckUserAccessToUri(Uri uri) {}
        public bool UserIsInRole(string role) {}
        public bool UserIsInAnyRole(params string[] roles) {}
    }
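A sketch of how the role and view checks in that outline could behave, written as an added example rather than the presenter's implementation. The class name `SecurityManagerSketch`, the role names, the view paths and the deny-by-default view map are all assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Linq;

// Hypothetical DTO: the slides use a Role type but do not define it.
public class Role { public string Name { get; set; } }

public class SecurityManagerSketch {
    // Hypothetical view-to-role map; a view that is not listed is denied.
    private readonly Dictionary<string, string[]> _viewRoles =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase) {
            { "/Views/Home.xaml",  new[] { "Users", "Admins" } },
            { "/Views/Admin.xaml", new[] { "Admins" } }
        };

    public bool IsUserSecurityLoadComplete { get; set; }
    public ObservableCollection<Role> UserRoles { get; set; }
    public string UserName { get; set; }

    public bool IsValidUser {
        get { return IsUserSecurityLoadComplete && !string.IsNullOrEmpty(UserName); }
    }

    public bool IsAdmin { get { return UserIsInRole("Admins"); } }

    public bool UserIsInRole(string role) {
        // Fail closed until the asynchronous load from the service has finished.
        if (!IsValidUser || UserRoles == null || string.IsNullOrEmpty(role))
            return false;
        return UserRoles.Any(r =>
            string.Equals(r.Name, role, StringComparison.OrdinalIgnoreCase));
    }

    public bool UserIsInAnyRole(params string[] roles) {
        return roles != null && roles.Any(UserIsInRole);
    }

    public bool CheckUserAccessToUri(Uri uri) {
        if (uri == null) return false;
        // Compare on the path only; query string and fragment are ignored.
        string path = uri.OriginalString.Split('?', '#')[0];
        string[] allowed;
        return _viewRoles.TryGetValue(path, out allowed) && UserIsInAnyRole(allowed);
    }
}
```

These checks decide what the client shows and which views it navigates to. The client and its state run under the user's control, so each service operation still has to authorize the caller on the server.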

Using the SecurityManager Class

    public class ViewModelBase : INotifyPropertyChanged {
        [Import]
        public ISecurityManager SecurityManager { get; set; }
    }

    public class MainPageViewModel : ViewModelBase {
        public MainPageViewModel() {
            if (!IsDesignTime) SecurityManager.UserSecurityLoaded += SecurityManagerUserSecurityLoaded;
        }

        void SecurityManagerUserSecurityLoaded(object sender, EventArgs e) {
            IsAdmin = SecurityManager.IsAdmin; //Set INPC property
            UserName = SecurityManager.UserName; //Set INPC property
        }
    }

Summary
  • Silverlight doesn’t provide direct access to user credentials
  • Different techniques can be used to access a user name and roles:
    • Pass into initParams (be careful!)
    • Access data through a security service
    • Use WCF RIA Services' WebContext class
  • The SecurityManager class can simplify the process of working with user credentials
    • Handles async calls to security service
    • Stores user credentials and provides security logic
    • Integrates well with MVVM
Related Content
  • DEV209: From Zero to Silverlight in 75 Minutes
  • DEV210: Microsoft Silverlight, WCF RIA Services and Your Business Objects
  • DEV331: A Lap around Microsoft Silverlight 5
  • DEV386HOL: Microsoft Silverlight Data Binding
  • DEV388HOL: Web Services and Microsoft Silverlight
  • DEV390HOL: Using the MVVM Pattern in Microsoft Silverlight Applications
Contact Info

Blog

http://weblogs.asp.net/dwahlin

Twitter

@DanWahlin

Web Track Resources
  • http://www.asp.net/
  • http://www.silverlight.net/
  • http://www.microsoft.com/web/gallery/
  • http://www.iis.net/
  • http://weblogs.asp.net/Scottgu/
  • http://www.hanselman.com/blog/