Authentication and Authorization Using RIA Services (Article 7 of 7)

Posted by Peter Kellner on January 26, 2010 · 2 mins read

  Title Of Each Article Video Included With Each Post
Part 1 Introduction To RIA Services In Silverlight (This Article) 7 Minutes
Part 2 Basic RIA Services And DataGrid With  VS 2010 Tooling 14 Minutes
Part 3 Adding A DataGrid With Connect The Dots DataBinding in VS 2010 13 Minutes
Part 4 Adding a Navigation Page to a Silverlight Business Application Template 11 Minutes
Part 5 Adding Speakers Page Template With Converters In Visual Studio 2010 Beta2 11 Minutes
Part 6 Adding A Sessions Page That Includes a Query Parameter In Silverlight VS2010 Beta2 10 Minutes
Part 7 Basic Authentication and Authorization In RIA Services 5 Minutes

[media id=8]

This article is very short.  In the actual presentation, there was not much time to talk about this so a brief overview was done.  Basically, it’s all standard WCF stuff.  The idea is that the Silverlight Business Template adds logging in and supports Authentication just like an asp.net application does.  It uses the DomainDataSource to do the bridging between the silverlight clientside app, and the web application.  Authorization is built into the login module also so that you can assign attributes to your domainservice classes to restrict access.

That is, if you only want people who are logged in able to access one of your methods, you simply tag it as follows with the [RequiresAuthentication] attribute.

image

If you only want a certain logged in user role to be able to access a certain method, you tag it as follows

image

This of course solve the server side only.  On the client side, you need to call methods that are exposed through the domain data.  http://www.silverlightshow.net/items/Silverlight-3-with-Ria-Authentication-service.aspx discusses much of this on the client side.