5

I am building my first Silverlight 3 + RI Services application and need some help.
It will be deployed in an controlled corporate intranet, 100% windows clients. I have started from the Silverlight Business Application template.
These are my requirements:

  1. Upon launch the application needs to recognize the currently logged-in user.
  2. The application needs to have access to other properties of the user in AD, such as email, full name, and group membership.
  3. Group membership is used to grand certain features in the application.
  4. A "login as a different user" link is to be always available - Some machines are available throughout the enterprise, logged-in as a certain generic user (verified by the absence of certain membership groups). In this case one can enter credentials and log in (impersonate) to the application as a user different from the one already logged-into the machine.
  5. This user is to be used in service calls


I have modified the following in the default Business Application template:

  1. App.xaml: appsvc:WindowsAuthentication instead of the default FormsAuthentication
  2. Web.config: authentication mode="Windows"

With these modifications I resolve requirement #1 (get the currently logged-in user). But when I examine RiaContext.Current.User, I don't have access to other properties from AD, such as group memberships. How can I achieve my other requirements?

Thanks for your help.

Hossein Narimani Rad
  • 31,361
  • 18
  • 86
  • 116
Gus Cavalcanti
  • 10,527
  • 23
  • 71
  • 104
  • Did you get anywhere with this? – Goober Sep 25 '09 at 14:59
  • No. I am very surprised nobody suggested a solution. I've also asked the same question at the RIA Services forum at silverlight.net and I've also got no response there! – Gus Cavalcanti Sep 25 '09 at 16:31
  • (http://forums.silverlight.net/forums/p/130101/290853.aspx#290853) – Gus Cavalcanti Sep 25 '09 at 16:33
  • What sources of information have you been following to build your Silverlight Business Application? – Goober Sep 28 '09 at 09:43
  • I have been following Brad Abrams samples which are fantastic. This (http://blogs.msdn.com/brada/archive/2009/07/13/business-apps-example-for-silverlight-3-rtm-and-net-ria-services-july-update-part-3-authentication.aspx) particular one is supposed to cover Authentication using RIA with Silverlight but I feel that it is not in-depth enough for me to actually implement what I need. What do you think? – Goober Sep 28 '09 at 09:46
  • I've been following Brad Abrams' blog also. Unfortunately he hasn't touch on how I can get information about a user's security group from AD. This is key for me because in my organization all applications rely on group memberships to grant proper rights. – Gus Cavalcanti Sep 28 '09 at 15:09

3 Answers3

4

In order to do this you will have to write your own Profile Provider and then modify the user class to include these profile properties which you can then access.

Have a look at page Section 13.3 of the RIA Services Overview document and let me know if you need any help.

We are just in the middle of implementing a RIA Services application and have written our own custom membership provide and profile provider so let me know if you need a hand.

Michal
  • 276
  • 1
  • 2
  • 6
  • Hi Michal! I've had so much trouble doing this. I don't quite understand what exactly it is I need to do? Do I need to use a database to store the user credentials? I feel like i've totally missed something, all of the tutorials are so vague. I would really appreciate some help and samples etc. I've just finished writing an entire RIA app thats got some awesome features but I can't move it to the cloud without authentication :-( – Goober Oct 03 '09 at 10:09
  • 1
    Yeah we found it a bit difficult as well. In point summary we did the following: 1) Implemented a membership provider by overriding the MembershipProvider Class 2) Implemented a Profile Provider by overriding the ProfileProvider class 3) Implemented a Role Provider. 4) Added all of that to the web.config (very important) of the silverlight app Keep in mind we are authenticating against AD but not using the ASP.NET membership or profile providers. Drop me an email and I can provide some samples. Cheers – Michal Oct 04 '09 at 17:52
3

Here is how I have hacked it on the AuthenticationService provided by BusinessApplicationTemplate.

 [EnableClientAccess]
    public class AuthenticationService : AuthenticationBase<User> {

    protected override User  GetAuthenticatedUser(System.Security.Principal.IPrincipal principal)
    {
        User user = base.GetAuthenticatedUser(principal);
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");
        SystemWebSectionGroup grp = (SystemWebSectionGroup)config.GetSectionGroup("system.web");
        AuthenticationSection auth = grp.Authentication;
        if (auth.Mode == AuthenticationMode.Forms)
        {
        }
        else if (auth.Mode == AuthenticationMode.Windows)
        {
            string[] a = user.Name.Split('\\');
            System.DirectoryServices.DirectoryEntry ADEntry = new System.DirectoryServices.DirectoryEntry("WinNT://" + a[0] + "/" + a[1]);
            string Name = ADEntry.Properties["FullName"].Value.ToString();
            user.Name = Name;
        }
        return user;
    }
}
CoolBeans
  • 20,654
  • 10
  • 86
  • 101
Premk
  • 31
  • 1
3

Hey everybody, there's a new article up on MSDN, I'm working through it now.

http://msdn.microsoft.com/en-us/library/ee707353(VS.91).aspx

Eric
  • 1,392
  • 17
  • 37