Click here to Skip to main content
Click here to Skip to main content

Tagged as

Go to top

Authentication against custom Table In Silverlight4 Using RIA Service

, 12 Apr 2011
Rate this:
Please Sign up or sign in to vote.
In my previous article we had discussed about Data Binding ,Validation,Exception Handling ,Handling Multiple table and many more.But the first step in a business application deals with Authentication.Surely nobody wants data to be meshed up by an anonymous user so in this article we are going to imp

In my previous article we had discussed about Data Binding ,Validation,Exception Handling ,Handling Multiple table and many more.But the first step in a business application deals with Authentication.Surely nobody wants data to be meshed up by an anonymous user so in this article we are going to implement Authentication to SOI (States of India) application.This post is restricted to FormsAuthentication model only.Also i am going to skip Authorization and due for next article.

Well authentication in Silverlight 4 using RIA service in business application can be implemented by 2 ways

  • Using Default authentication provided by Silverlight Business Template (Using ASP.Net Role and Membership)
  • Using Custom Authentication (Using your own database and  model )

You can find number of post/articles available in blogs that’s deals with default authentication with Asp.Net membership provider .If you want to find know more about  this MSDN article worth a look .

SO lets start with Authentication using your own custom table for application.

Scenario

This article going to demonstrate the steps involved for integrating  authentication to States of India (SOI App) using a custom table which will store basic information such as UserName,Password and Email.Before proceeding with SOI app lets have a look into the app with my previous articles.

Custom Authentication  using RIA Services

So here the application aim to have following functionality

  1. The User have access to the Home page , where they can view the State and its information
  2. But Adding a new state or Editing state requires user to be authenticated

Steps Involved For Implementing Authentication

Before going into detail of each steps the image bellow shows a overall picture/steps.Follow the Arrow mark for sequence , as there is a human tendency of reading Left to Right Smile.

Custom Authentication  using RIA Services

Adding a new Table to Database and Updating the Data model

The first step is to add a table to application database, here I have added a new table called UserDetail with following fields.

Custom Authentication  using RIA Services

Then go to your Model at server side project and update the Model.In case you need the detail of setting up a Entity Data Model then refer to my earlier post Here.

Custom Authentication  using RIA Services

Select the newly added UserDetail table and proceed.Along with the newly added entity to data model it will be as bellow.If you notice than you can mark that the UserName column in the  table is mapped as Name to UserDetail entity , we will discuss about it later in this post.

Custom Authentication  using RIA Services

The Basic Server Side Setup for Custom Authentication

Changes to WebConfig File

As we opted for Forms Authentication, the very first change we need is to add the authentication in webconfig file.So add following section to the webconfig file at server side project.

<authentication mode="Forms"> 
</authentication>

The Concept

Before i proceed with rest of the article lets have a look into some concept and how it will work.When you use a business template in Silverlight ,visual Studio adds Authentication service derived from AuthenticationBase<T> and User Derived form UserBase.The user information and roles are stored with default ASP.Net membership provider table ASPNETDB.

But we are going to use UserDetail table instead of default ASPNETDB and our own Domainservice to handle authentication.Here comes the IAuthentication and Iuser interfaces.

Custom Authentication  using RIA Services

So our Custom DomainService is going to be implement IAuthentication <T> , where T is the type of UserDetail,  in turns the interface will make available the UserDetail to both client and server side.

As the UserDetail entity is going to be propagated to client side using IAuthentication it requires to implement IUser interface.The update of Entity Data Model add UserDetail entity to model and generates  following piece of code along side State and City entity.

Custom Authentication  using RIA Services

Our Database Table does not holds  Name property as its required from IUser interface point of view  ,so we need to map UserName to Name in UserDetail entity.You can avoid this step If your table has a Name column .For the time being here i am going to skip Role as implemented by IUser.

Custom Authentication  using RIA Services

Then lets add a class named UserDetail to implement IUSer interface,

Custom Authentication  using RIA Services

public partial class UserDetail : IUser 
{ 
#region IUser Members 
[DataMember] 
public IEnumerable<string> Roles 
{ 
get 
{ 
return null; 
} 
set 
{ 
throw new NotImplementedException(); 
} 
} 
#endregion 
} 
}

So partial classes for UserDetail at EntityModel and above UserDetail sets the valid User which is going to be use  in the Custom Authentication domain service ,which we are going to add in  next Step.

Adding a DomainService for Authentication

Lets add a new DomainService named SOIAuthDomainService with out selecting any entity .In the Domain service implement IAuthentication interface

Custom Authentication  using RIA Services

Here in SOIAuthDomainService along with the default methods we will add some more method for Validation and insertion of a user.And also implement logic for Login,Logout. The DefaultUser is  the user we are going to return in case the login failed. So overall the class structure will be as bellow

Custom Authentication  using RIA Services

The Login Logic in the domain service as follows

public UserDetail Login(string userName, string password, bool isPersistent, string customData) 
{ 
if (this.ValidateUser(userName, password)) 
{ 
FormsAuthentication.SetAuthCookie(userName, isPersistent); 
return this.GetUser(userName); 
} 
return null; 
}

while the ValidateUser logic follows as below

private bool ValidateUser(string username, string password) 
{ 
return this.ObjectContext.UserDetails.Any(u => u.Name == username && u.Password == password); 
}

As we are allowing User Registration so here let add InsertUser Method ,later in this post we will check with implementation

public void InsertUser(UserDetail user) 
{ 
if ((user.EntityState != EntityState.Detached)) 
{ 
this.ObjectContext.ObjectStateManager.ChangeObjectState(user, EntityState.Added); 
} 
else 
{ 
this.ObjectContext.UserDetails.AddObject(user); 
} 
}

Client Side Setup

The next step is to add the Registration Service to the ApplicationLifeTime so that it can be accessed using WebContext.Current.When you built a RIA project it automatically Creates a WebContext Class at client side which holds information Authentication and Current User.Here check with the client side generated code

Custom Authentication  using RIA Services

So in the App.Xaml.cs add followings

// Create a WebContext and add it to the ApplicationLifetimeObjects 
// collection.  This will then be available as WebContext.Current. 
WebContext webContext = new WebContext(); 
webContext.Authentication = 
new System.ServiceModel.DomainServices.Client.ApplicationServices.FormsAuthentication(); 
//webContext.Authentication = new WindowsAuthentication(); 
this.ApplicationLifetimeObjects.Add(webContext);

Implementing Authentication Logic at UI

Lets add Login And UserRegistration Screens to client side Silverlight project.

Custom Authentication  using RIA Services

As my intention is to give a clear picture on authentication , i have-not added any validation logic what so ever.For more information on adding validation logic refer my earlier post here.

So coming to this post ,lets check with the Login screen.

Login  Screen

With the the user input details and on Ok Button click the user credential validated against database using the service.The commented code is self explanatory for each line of code and its intentions.

private void OKButton_Click(object sender, RoutedEventArgs e) 
{ 
biCreateUser.IsBusy = true; 
//Attach The Authentication_LoggedIn For Displaying the User Status 
//On MainPage once the user Logged In 
WebContext.Current.Authentication.LoggedIn += 
new EventHandler<AuthenticationEventArgs>(Authentication_LoggedIn); 
//Call WebContext.Current.Login 
LoginOperation lop=  WebContext.Current.Authentication.Login 
((new LoginParameters(txtUserName.Text, txtPassword.Text, true, null))); 
//Callback to Login Operation 
lop.Completed += (Authsender, args) => 
{ 
if (!lop.HasError) 
{ 
if (lop.LoginSuccess) 
{ 
this.DialogResult = true; 
} 
else 
{ 
lblAuthStatus.Content = “Login Failed”; 
} 
} 
else 
{ 
MessageBox.Show(lop.Error.Message); 
lop.MarkErrorAsHandled(); 
} 
biCreateUser.IsBusy = false; 
}; 
}

Once the Login operation completed successfully  and the on login screen close ,we will  display the UserName on main page header.

Custom Authentication  using RIA Services

So I am going to add a method called UpdateStatus in the Mainpage.Xaml.cs and will call it on the login window close.

private void ChildWindow_Closed(object sender, EventArgs e) 
{ 
MainPage mpage = (MainPage)App.Current.RootVisual; 
mpage.UpdateStatus(); 
}

Using Webcontext.Current we can  check weather the client using the app is authenticated or not.

WebContext.Current.Authentication.User.Identity.IsAuthenticated

So the Update Status code follows as bellow

public void UpdateStatus() 
{ 
//Check if Client is Authenticated 
if (WebContext.Current.Authentication.User.Identity.IsAuthenticated) 
{ 
lblUser.Visibility = System.Windows.Visibility.Visible; 
//Assign The Username to screen 
lblUser.Content = WebContext.Current.Authentication.User.Identity.Name; 
hbLogin.Content = “Logout”; 
} 
else 
{ 
lblUser.Visibility = System.Windows.Visibility.Collapsed; 
hbLogin.Content = “Login”; 
} 
}

User Registration

As shown in picture the user have a option to Register in the Login screen and on demand the UserRegistration screen popup for adding a new user.The InsertUserDetail method in the SOIAuthentication DomainService class will be called on addition of a new user.

private void OKButton_Click(object sender, RoutedEventArgs e) 
{ 
//New Domain Context Objext 
SOIAuthDomainContext domContext = new SOIAuthDomainContext(); 
//New UserDetail Object from User Input 
UserDetail uDetail=new UserDetail(); 
uDetail.Name=txtUserName.Text; 
uDetail.Password=txtPassword.Text; 
uDetail.Email=txtEmail.Text; 
biWait.IsBusy = true; 
//Add to DomainContext UserDetail collection 
domContext.UserDetails.Add(uDetail); 
//Call InsertUserDetail with SubmitChanges 
SubmitOperation authSO= domContext.SubmitChanges(); 
authSO.Completed += (authsender, args) => 
{ 
if (!authSO.HasError) 
{ 
MessageBox.Show(“User Created”); 
this.DialogResult = true; 
} 
else 
{ 
MessageBox.Show(authSO.Error.Message); 
authSO.MarkErrorAsHandled(); 
} 
biWait.IsBusy = false ; 
}; 
}

The Final Punch

The above step lays the foundation for authentication and the Webcontext.Current can be used through out the project for additional constraint for each functionality.For e.g in SOI app , the AddNewState and EditState is now onwards open for authenticated User only.

Custom Authentication  using RIA Services

Conclusion

Microsoft suggest to follow ASP membership provide model for Authentication as it provide more reusability and more security.But authentication using custom table some times un avoidable .I hope this article will help you in many ways either using multiple Domain Services ,knowing application classes and of course authentication.Keep posting suggestions.

Source Code and Live Link

Live Link – SOI App

Source Code – StatesOfIndia_Authentication.zip

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Manas_Patnaik
Software Developer (Senior) Infosys
India India
Nothing special .. I like challenges and love my critics.
 
Associate Consultant | Microsoft | Bangalore | India

Blog : http://manaspatnaik.com/blog

Twitter@manas_patnaik
Follow on   Twitter

Comments and Discussions

 
QuestionInsertUser method calling? PinmemberPritesh Aryan9-Jun-12 21:19 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web01 | 2.8.140926.1 | Last Updated 12 Apr 2011
Article Copyright 2011 by Manas_Patnaik
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid