Im currently working on registration of our application. Basically we have a simple concurrent licensing system so when the user logs in we store their computer name and logon name to uniquely identify them. This is done from a simple winforms app that allows us to retrieve this data.
We now have a brother silverlight project that must work in the same licensing. The situation being that if a user logs into the winforms app they will use one license and if they log in on our silverlight app it will still use the one license because they are accessing it from the same computer.
The problem is that we cannot retrieve the clients machine and logon name with the silverlight application.
Can anybody think of a way of handling this? Or am i going bout it totally the wrong way.
Thanks
Forms or Windows authentication.
Once authenticated you can retrieve anything you want (such as user claims, user profile...etc) which is provided through a web service. This of course mean you are communicating with some database somewhere.
Related
There is the UserController class that lets us access and save user data.
I think UserController was meant to be used from within the context of a DNN website application, since it somehow already knows the connection string and other DNN settings.
So I take it that DNN Controller classes can't be used outside the context of a DNN website application, thus I can't add/revoke roles, reset password, and other administrative actions from a desktop application, correct?
If it's possible, please let me know. Thank you.
That's not possible out of the box but some reference can be available here which does somewhat similar things: http://iweb.codeplex.com/
Most of what you are asking for are pretty simple DB operation. You could use Entity Framework to map tables into classes in your .Net App and then issue Update commands. However, these will be executed outside of DNN and may not impact a currently logged on user unless you clear the cache of DNN or restart app.
You could write custom WebAPI methods to do so as Hammond suggested above. You need to ensure that these methods are secure though and only Admin / Host can execute them.
I have a silverlight application backed by RIA services & EntityFramework. Users log in directly in the silverlight application. We have the [RequiresAuthentication] attribute on the DomainService and have implemented custom MembershipProvider/AuthenticationBase<UserBase> for custom authentication utilizing "forms authentication". All of this is working well to authenticate users.
The problem is that users with laptops using wifi will travel through the building and hand off between wifi access points. As soon as that handoff occurs, the users session is immediately terminated - with no notice to the user. I would like some way to make the session more resilient. Asp.Net's out-of-the-box forms authentication seems to do this well - as long as you are inside the session timeout and you haven't deleted your cookies, you are good to go regardless of any temporary connectivity issues. What can I do to get my Silverlight app to be at least as resilient as a standard asp.net app?
One thing that might be the issue, is that I haven't implemented many of the functions in the MembershipProvider - really only ApplicatinName and ValidateUser(). Could that be the source of my problem?
I'm about to start development work on .NET 4.0 winforms application running on top of a Microsoft SQL Server 2012 database.
The number of users supposed to use the application might be any where between 2 to 10 and the application should be able to run either on a single stand alone computer or in an intranet in a windows environment.
in case the application is run on a single computer, each user would log into the application (not into windows) and perform what ever tasks they are authorized to do and then log out of the application.
If the application is configured to run on a small intranet, each user would log into the application from there respective office computers and do what ever they are authorized to do.
So, the application can run on a single none networked machine, where a single windows login account is being shared by staff at the facility but i have a requirement to allow access to certain application functionality depending on who is logged into the application, NOT who is logged into windows as the account might just be shared.
I have previously deployed ASP.NET applications in networked environments and used the SQL Membership, Roles and Profiles provider for authentication and authorization While for winforms apps, i have relied on active directory authentication.
Now with this particular project, i am wondering what the best solution might be. Probably some one here has implemented a solution for such a scenario and can give advice.
I have looked at this http://www.codeproject.com/Articles/27670/Implementing-Application-Security-with-Client-Appl solution but i still want to hear from the SO masses.
ALSO, any recommendation for a better post Title is welcome.
Once I worked in a WinForm application which was supposed to run on intranet, each user would log into the application....and this application was using centralized web service to authentication and other CRUD operation....The service was mediator between WinForm app and DB.
The approach given in code project article which u mentioned in question...is also fine.
Anyway I also got curious here....As you said u are about to start development in .Net 4.0 Winform.....I would like to understand why you made this choice over WPF? What reasons u got to favor WinForm in your scenario ?
I'm trying to authenticate my silverlight application to get windows user name, which then I use to get some further information. Have looked it up, but the answers I found were about configuring the web service to get it. Is there a way, to get windows credentials strictly in Silverlight? I cannot find .Credentials, the only thing I see is .ClientCredentials, but apparently it doesn't show the required information. I am getting the string "System.ServiceModel.Security.UserNamePasswordClientCredential". It actually allows me to set up the name, not retrieve it. Also there is a web service called authentication.asmx, but as before it applies to other purposes. Neither do I have any web service I could reference to and configure them. Or am I missing something? Perhaps I can retrieve the windows credential by NTLM or Kerberos? I am using Visual Web Developer 2010 Express with Silverlight 5.
My Experience is that the Membership framework that is present in the asp.net world is not available in silverlight. In order to achieve something similar I had to implement a web service (WCF) that was directed at the domain's active directory (ldap) server. Silverlight is a very strict framework in terms of interoperability, its good for security but has some limitations.
I am not sure about your level of knowledge of the active directory but here is a link that deal with a lot of the possible operations and has sample C# code to go along.
http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C#40a
I am going to be developing an application for work, and I am trying to decide whether to use Silverlight Business App or Asp.Net Web App. My manager is concerned about the performance and download time it would take if I created the entire application as a Silverlight app, with authentication. I have been playing around with some tutorials over the last week trying to get a perspective on my situation and have come up with a design question I need to ask those that are more experienced than me.
Is it possible to use a Asp.Net application and just embed a silverlight application in one of the pages that will be used inside a folder that is configured with the roles authorization? And if so, would it be possible to get user credentials from the client silverlight app without passing them through the initParams.
I understand that I can set the authentication to "useCookies", so I was thinking I would be able to get the cookie on the client and hopefully get a property verifying if the user is authenticated.
Also, would this be a risky practice? Thanks for any advice and direction.
There are a few approaches you could take. While I know you don't want to expose the credential in init params, you could generate a "ticket" (claims-based authentication) for the credential, and include the ticket (for example, a GUID) in the init params. When the Silverlight application launches, it would consume the ticket, possibly validating it via a secured web service call, and the ticket would no longer be valid so even if someone spoofed it or viewed the source, it couldn't be used.
Quite a bit depends on your architecture. For example, if you are using the roles-based authentication, and most of the business logic and/or decision making is based on web service calls, the web services can use HttpContext.Current.Identity to validate the user. Even if someone opens the Silverlight application, any service calls would fail unless they were appropriately authenticated. Otherwise, I would either go with passing a ticket so Silverlight trustst the user is valid (you can create a service that accepts the Guid and returns the role information) or have the user log in from Silverlight (you have a service facing in front of the authentication mechanism and then return a ticket and/or role information).
It gets even more interesting if you decide to use WCF RIA, check out these examples for baked-in authentication:
http://code.msdn.microsoft.com/RiaServices/Release/ProjectReleases.aspx?ReleaseId=2661
1.) It's absolutely possible to embed a Silverlight xap on an ASP.NET page.
2.) As far as credentials, using cookies could work, or you could pass in a token over initparams and validate that token via a web service to see if the user is valid
It's always a risk passing credentials around, especially when it's running on a clients computer. That said, Silverlight buys you a lot, so don't let the challenge of authentication hold you back.