I'm implementing some SQL Server replication stuff that happens from a Silverlight app and am running into problems with security.
So, the user clicks a button which triggers an Update operation on the server and at that point I need to interact with SQL Server (using RMO - the replication API).
However, when I try this I get an exception when it tries to load the module - complaining that Type is not resolved for member: (my custom Principal) object. So, obviously the RMO code is expecting there to be a WindowsPrincipal as Thread.CurrentPrincipal.
Now, I've managed to work around this by calling LogonUser and Impersonate, and then creating a new WindowsPrincipal using the WindowsIdentity and seting the Thread.CurrentPrincipal to my new principal. But to do this requires that I somehow store the credentials - i.e. username, domain, password.
Is there any way I can get access to the Principal/Identity that WCF is running as? I specifically don't want the identity of the user executing the application - I don't know whether they'll have the correct rights. (That's probably a basic question, but most of this security stuff is pretty foreign to me!)
Copyright (c) Marimer LLC