2

I created silver-light 4.0 application in that user can enter their username and password.
After submit this secret data(username, password ) from SL application,
it submitted to website with query string..
I want to pass as below URL string
for ex: -   http://testsite.com/mypage.aspx?<encrypted string>

I want to pass username and password in encrypted format from SL to Aspx page..
How I pass those information from SL application to asp.net website..

Abhishek B.
  • 5,112
  • 14
  • 51
  • 90
  • Is it your own web page that the credentials are being submitted to? If so, what does the web page give you? Why don't you use a WCF service instead? Or are you submitting to a third party web site (in which case they should already have a spec on how you should do it)? – slugster Jul 12 '11 at 23:50

3 Answers3

1

So you could just use the WebClient class and GET the page.

(I'm assuming your doing asp.net WebForms NOT MVC)

Your asp.net page should be a blank page, in your code behind you read your query string and do what you need with it, depending on success or failure you write the appropriate response with Response.Write();.

In your silverlight code, you will just need to request for your page, and you can then read the response from your asp.net page.

Asp.net:

var encyString = Request.QueryString["str"];
//some logic
Response.Write("Success");

Silverlight:

WebClient client = new WebClient(); 
client.DownloadStringCompleted +=
    new DownloadStringCompletedEventHandler(
    client_DownloadStringCompleted);

In Button1_Click, I call DownloadStringAsync, passing the complete URL that includes the number specified by the user.

private void Button1_Click(object sender, RoutedEventArgs e)
{
    string encryptedString = "example";
    client.DownloadStringAsync
      (new Uri("http://testsite.com/mypage.aspx?"+encryptedString));
}

In the DownloadStringCompleted event-handler, I check that the Error property of the event args is null, and either output the response or the error message to the text block.

void client_DownloadStringCompleted(object sender,
  DownloadStringCompletedEventArgs e)
{
    if (e.Error == null)
        resultBlock.Text = "Using WebClient: "+  e.Result;
        //will be Response.Write();

    else
        resultBlock.Text = e.Error.Message;
}

Above code was plagiarized from this blog.

Remember, a sniffer can read your request. You may want to use SSL if you need better security. Possibly a more secure way to send this data would be to POST it to your asp.net page.

This article describes how to POST from silverlight to a page.

HTH

gideon
  • 19,329
  • 11
  • 72
  • 113
  • Hello @giddy Is it possible in SL OOB application which runs from client PC to website page.. I passed parameter as a query string from Out of browser application to default.aspx page.. ? – Abhishek B. Jul 12 '11 at 05:59
  • 1
    If I'm not mistaken, you can request from a OOB SL app if this app was installed from the same domain. (Ex: the App was installed from testapp.com) If it was installed from another domain, then you will have to include a *clientaccesspolicy.xml* file on the root of testapp.com so your SL app can access it. [See this page](http://msdn.microsoft.com/en-us/library/cc645032(v=vs.95).aspx) There are numerous default examples of _clientaccesspolicy.xml_ you can find if you google it. – gideon Jul 12 '11 at 06:48
  • Thanks a lot for good suggestion. My application runs Out of browser (on client machine ) then I enter user-name and password into application and passes with query string in encrypted format like this url: http://www.testsite.com/mypage.aspx? – Abhishek B. Jul 14 '11 at 04:40
1

What I understood from the question is that you are authenticating user twice – First in SL app and then in ASP.Net app. Instead can you just authenticate user in SL and pass the result (True/False or token may be) to ASP.Net app? This is the safe way I feel.

Nilesh
  • 81
  • 1
  • 10
  • So How to communicate with SQL server and check Is it authorized or not. – Abhishek B. Jul 12 '11 at 06:05
  • I not authenticate user twice. just I check user authenticate from page only.. I not know how to authenticate user from SL with sql server. – Abhishek B. Jul 12 '11 at 06:05
  • See this video - [link](http://www.silverlight.net/learn/videos/all/use-aspnet-authentication-silverlight-3/). It is for SL3 but should work for SL4. What you are looking for is complex, so you need to understand authentication process well. – Nilesh Jul 12 '11 at 07:29
0

You can use like HtmlPage.Window.Eval("window.location.href='"+ YOURURL +"'");

Priyan R
  • 1,042
  • 1
  • 15
  • 24
  • @Priyan_R I want to pass username and password from SL application to new webpage with encrypted query string to url – Abhishek B. Jul 12 '11 at 05:38
  • Pass the Url Querystring encrypted from silverlight using cryptography checkout http://scrypt.codeplex.com/ – Priyan R Jul 12 '11 at 05:50