Silverlight的用户身份验证 [英] Silverlight user authentication

问题描述

我目前正在开发一个Silverlight 3应用程序，需要某种形式的用户身份验证，因为从WCF服务拉着数据是特定的用户。目标受众是经常上网 - 所以没有向AD进行身份验证

下面是一些我曾经就这种情况的问题：

• 是否有一个框架或其他机制，会支持我吗？


• 你会推荐Silverlight应用程序内或通过类似形式的权威性之外的机制认证？哪个更安全？


• 怎么样外的浏览器支持？

解决方案

我用ASP.NET的验证

。只需使用一个的MembershipProvider（或实现自己的）。
然后去<一个href=\"http://www.silverlightshow.net/items/Accessing-the-ASP.NET-Authentication-Profile-and-Role-Service-in-Silverlight.aspx\" rel=\"nofollow\">http://www.silverlightshow.net/items/Accessing-the-ASP.NET-Authentication-Profile-and-Role-Service-in-Silverlight.aspx检查出如何可以公开的认证服务。

然后在你的WCF服务，你做以下（在ASP中托管）：

 公共类MyWCFService：IMyWCFService
{
        //从检索的MembershipProvider用户标识
        私人诠释GetUserId（）
        {
            的MembershipUser用户= Membership.GetUser（）;
            INT用户id =（INT）user.ProviderUserKey;
            返回用户id;
        }        //检查用户是否通过验证
        私人布尔IsUserAuthenticated（）
        {
            返回HttpContext.Current.User.Identity.IsAuthenticated;
        }        公共无效订阅（）
        {
            如果（！IsUserAuthenticated（））
            {
                抛出新SecurityException异常（你必须通过身份验证才能使用这项服务。）;
            }            INT用户id = GetUserId（）;
            DoStuff（用户ID）;
        }
}
 

希望有所帮助。

I am currently developing a Silverlight 3 app that needs some sort of user authentication, because the data pulled from a WCF service is user specific. Target audience is the regular Internet - so there is no AD to authenticate against.

Here are some of the questions I have concerning that situation:

• Is there a framework or other mechanism that would support me?
• Would you recommend authentication within the Silverlight app or via outside mechanisms like forms auth? Which is more secure?
• What about out-of-browser support?

解决方案

I used ASP.NET's authentication. Just use a MembershipProvider (or implement your own). Then go to http://www.silverlightshow.net/items/Accessing-the-ASP.NET-Authentication-Profile-and-Role-Service-in-Silverlight.aspx to check out how you can expose the authentication service.

Then in your WCF service, you do the following (hosted in ASP):

public class MyWCFService : IMyWCFService 
{
        // retrieve your UserId from the MembershipProvider
        private int GetUserId()
        {
            MembershipUser user = Membership.GetUser();
            int userId = (int)user.ProviderUserKey;
            return userId;
        }

        // check if user is authenticated
        private bool IsUserAuthenticated()
        {
            return HttpContext.Current.User.Identity.IsAuthenticated;
        }

        public void Subscribe()
        {
            if (!IsUserAuthenticated())
            {
                throw new SecurityException("You must be authenticated to be able to use this service.");
            }

            int userId = GetUserId();
            DoStuff(userId);
        }
}

Hope that helps.

这篇关于Silverlight的用户身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！