Authentication in Silverlight applications that use WCF RIA services can make use of the WCF RIA services authentication framework. WCF RIA Services builds upon the ASP.NET Membership framework by exposing the Membership framework to rich Internet clients through the authentication domain service. After adding an authentication domain service, you can enable the following functions:
- Authentication - to verify a user's credentials and mark the user as logged in or logged out.
- Roles - to group users by responsibilities and grant resource permissions to authenticated members of a group.
- Profiles - to retain properties for authenticated users and retrieve those properties in your application.
This post demonstrates how to enable user authentication in your prism application using RIA services.
RIA Services provides the authentication domain service template to facilitate authentication on the presentation tier. The authentication domain service derives the AuthenticationBase class which contains the profile properties for the authenticated user. This service is accessed via the WebContext class which is automatically generated by the RIA services. You can also create your custom implementation for the membership provider and configure the service to use this instead of the default provider.
For e.g.:
public class BlogsPrajeeshMembershipProvider : MembershipProvider
{
public override string ApplicationName
{
get
{
return "BlogsPrajeesh.PrismSamples";
}
set { }
}
//Other methods…
public override bool ValidateUser(string username, string password)
{
if (username == "Prajeesh" && password == "Password") return true;
return false;
}
}
Configuring the membership provider in the Web.config file.
<system.web>
<httpModules>
<add name="DomainServiceModule" type="System.ServiceModel.DomainServices.Hosting.DomainServiceHttpModule, System.ServiceModel.DomainServices.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
httpModules>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
assemblies>
compilation>
<authentication mode="Forms" />
<membership defaultProvider="BlogsPrajeeshMembershipProvider">
<providers>
<add name="BlogsPrajeeshMembershipProvider" type="BlogsPrajeesh.PrismSamples.Web.BlogsPrajeeshMembershipProvider, BlogsPrajeesh.PrismSamples.Web"/>
providers>
membership>
system.web>
To use this authentication service in the Silverlight client, configure the WebContext in App.xaml.cs file as
public App()
{
this.Startup += this.Application_Startup;
this.Exit += this.Application_Exit;
this.UnhandledException += this.Application_UnhandledException;
InitializeComponent();
WebContext context = new WebContext();
context.Authentication = new FormsAuthentication();
ApplicationLifetimeObjects.Add(context);
}
Later in the Shell
public Shell()
{
InitializeComponent();
this.Loaded += new RoutedEventHandler((x, y) =>
{
if (WebContext.Current.Authentication.User != null && !WebContext.Current.Authentication.User.Identity.IsAuthenticated)
{
RegionManager.Regions["LoginRegion"].Add(LoginView, "LoginView");
RegionManager.Regions["LoginRegion"].Activate(LoginView);
}
});
}
The LoginViewModel code that authenticates the user
[Export(typeof(LoginViewModel))]
[PartCreationPolicy(CreationPolicy.NonShared)]
public class LoginViewModel : NotificationObject
{
[ImportingConstructor]
public LoginViewModel(IRegionManager regionManager)
{
_regionManager = regionManager;
LoginCommand = new DelegateCommand(() => PerformLogin());
this.PropertyChanged += new System.ComponentModel.PropertyChangedEventHandler((x, y) => RaiseCommandChanged());
}
private void RaiseCommandChanged()
{
LoginCommand.RaiseCanExecuteChanged();
}
private void PerformLogin()
{
var webContext = WebContext.Current;
webContext.Authentication.Login("Prajeesh", "Password");
webContext.Authentication.LoggedIn += new EventHandler((x, y) =>
{
var loginView = _regionManager.Regions["LoginRegion"].GetView("LoginView");
_regionManager.Regions["LoginRegion"].Remove(loginView);
});
}
//Other methods…
}