Hey guys:
We have a situation where we want a Silverlight application to be used as the drop point for authentication. Basically we are writing a rudimentary Single Sign On solution. I currently have the authentication part in Silverlight working the way I want it, however, the ASP.NET host doesn't see this authentication. Everything I search online shows only how to authenticate in ASP.NET and let SL use that. Nothing shows the other way around
Any ideas how I would handle this?
Essentially we will be including this Silverlight app in all of our new websites. ASP.NET auth request redirects to this app if the user isn't authenticated. Authentication is done in the SL app and then the user should be redirected as would normally happen in ASP.NET. I've got everything working except for the fact that when I redirect the ASP.NET site, the user isn't authenticated there.
*I realize this isn't CSLA specific but it kind of pertains to the Auth video in the SL series so I thought I'd ask here as well.
TIA,
Will
I've heard of people using cookies to do this, as in creating a cookie in Silverlight and reading it from ASP.NET.
There's also a concept of an "HTML Bridge" that I've used as described here:
http://www.silverlightshow.net/items/Building-a-Silverlight-Line-Of-Business-Application-Part-6.aspx
You could use hidden form fields to set your authentication key or username, which would be populated via Silverlight.
Cookies was/is my first attempt at this. I think it's inevitable that I'll have to write a cookie out to the host for any of it to work. That's actually where I'm stuck at the moment. I've got code writing a cookie in Silverlight and I can then fetch the cookie in Silverlight. However, the host page doesn't see the cookie.
For instance, in SL I do this
HtmlPage.Document.SetProperty("cookie", "TEST=3;expires=23 Sep 2009 13:09:13")
That "cookie" is now available in SL. However, on the host page Response.Cookies.Count is still 0. It's like this "cookie" idea in Silverlight isn't the same cookies you'd expect in the ASP.NET realm.
Thoughts?
Will
It works for me. Try refreshing the page after setting the cookie. For example, do this in Silverlight after your cookie is created:
HtmlPage.Document.Submit()
Then, in your ASP.NET test code, your cookie should be there.
I'm having no luck.
Heres the relevant code
--SET THE COOKIE FROM SILVERLIGHT
public static void SetCookie(string key, string val, TimeSpan? expires, string path, string domain, bool secure)
{
StringBuilder fullCookie = new StringBuilder(); fullCookie.Append(string.Concat(key, "=", val));
if (expires.HasValue)
{
DateTime expire = DateTime.UtcNow + expires.Value; fullCookie.Append(string.Concat(";expires=", expire.ToString("R")));
}
if (path != null)
{
fullCookie.Append(string.Concat(";path=", path));
}
if (domain != null)
{
fullCookie.Append(string.Concat(";domain=", domain));
}
if (secure)
{
fullCookie.Append(";secure");
}
HtmlPage.Document.SetProperty("cookie", fullCookie.ToString());
}
--I call the code like this
CookieManager.SetCookie("AuthenticationToken", user.Token, TimeSpan.FromMinutes(25));
HtmlPage.Document.Submit(); -- Per your recommendation (i was previously doing a page redirect).
I have a breakpoint on the Page_Load event of the page. When I hit my breakpoint I see that Response.Cookies.Count is still 0.
Could this be something that changed between SL2 and SL3? I see lots of posts online that say this sort of thing "should" work.
Thanks,
Will
HtmlPage
.Document.GetElementById("hdnToken").SetProperty("value", user.Token);Interesting.. I tried your code and you're right - If you call Submit directly after the SetCookie call, it doesn't set the cookie. Maybe a threading issue? Here's code that will do the trick:
Private Sub OnEvent(ByVal sender As System.Object, ByVal e As System.Windows.RoutedEventArgs)SetCookie(
"test123", "testVal123")Dispatcher.BeginInvoke(
AddressOf SubmitDoc) End Sub Private Sub SubmitDoc()HtmlPage.Document.Submit()
End Sub
Copyright (c) Marimer LLC