• Article

Developing Identity-Driven Silverlight Applications

Version: 1.1.0

Description

This hands-on lab will show you various ways in which you can take advantage of claims-based identity from within your Silverlight application. From leveraging existing identity stores to achieve single sign on to your application, to using claims for guaranteeing your users a custom-tailored experience, you will learn how to adapt to the Silverlight environment the Windows Identity Foundation programming model that is already being successfully used with web sites and web services.

Overview

Claims-based identity is increasingly being adopted as the preferred way of securing level of business applications. The advantages it offers in term of reuse of existing identity stores, combined with the claims object model which abstracts complexity away and works consistently across the on-premises-cloud spectrum, are very attractive to developers of every focus and skill level. Windows Identity Foundation, the extension to .NET Framework which enables developers to develop claims-aware applications, is the platform of choice for implementing claims-based identity solutions on the Windows platform.

With their subdivision between rich presentation layer on the client and associated website, Silverlight based applications do not fit the classic client-service tiers model. As a result, Silverlight applications were not among the first wave of scenarios that were enhanced with claims-based capabilities.

This hands-on lab will suggest you ways in which you can take advantage of claims-based identity from within your Silverlight application. From leveraging existing identity stores to achieve single sign on to your application, to using claims for guaranteeing your users a custom-tailored experience, you will learn how to adapt to the Silverlight environment the Windows Identity Foundation programming model that is already being successfully used with web sites and web services.

The purpose of the lab is to allow you to experiment with claims-based identity in Silverlight already today. Currently the integration between the two products is not yet complete, hence there will be times in which custom adapter code will be necessary; that is a function of the current stage in the products roadmaps, and you can expect things to get simpler as we go forward.

Objectives

In this Hands-On Lab, you will learn how to:

  • Take advantage of an existing identity provider (exposed via passive STS) for externalizing authentication for a in-browser Silverlight application
  • Access claims values from the code of a Silverlight application and use them for user experience customization
  • Handle authorization for WCF services hosted in a Silverlight website using the WIF programming model
  • Take advantage of an existing identity provider (exposed via active STS) for externalizing authentication for an out-of-browser Silverlight application
  • Invoke services on other domains using SAML tokens from a Silverlight application

System Requirements

You must have the following items to complete this lab:

Setup

You must perform the following steps to prepare your computer for this lab.

  1. Open a Windows Explorer window and browse to the lab’s Source\Setup folder.

  2. Double-click the Dependencies.dep file in this folder to launch the Dependency Checker tool and install any missing prerequisites. This will also install some code snippets that will be used across the lab and the localhost certificate used in the second exercise by the local STS.

    Note:
    This process may require elevation. The .dep extension is associated with the Dependency Checker tool during its installation. For additional information about the setup procedure and how to install the Dependency Checker tool, refer to the Setup.docx document in the Assets folder of the training kit.

  3. Click Close to dismiss the confirmation dialog.

    Note:
    Next, the setup script will proceed by replacing any existing localhost certificate with a new one. If you already have a "localhost" certificate needed by another application, ensure to make a backup copy of it before continue with the lab's certificates installation.

  4. Once closed the code snippets installer, the setup script will proceed with the certificates installation. Press Y if you want to continue with the required certificates installation.

    Figure 1

    Certificates installation finished

    Note:
    If you are running Windows 7 or Windows 2008 R2 you might not see this window.

  5. When finished press any key to close the setup console.
Note:
In addition to the setup script, inside the Source\Setup folder of this lab, there is a Cleanup.cmd file you can use to uninstall all the code snippets installed by the SetupLab.cmd script.

Exercises

The following exercises make up this Hands-On Lab:

  1. Single Sign on, Claims-Driven Experience and Service Authorization for In-Browser Silverlight applications
  2. Identity and Out of Browser Applications
  3. Calling Services in Other Domains
Note:
Each exercise is accompanied by a starting solution. These solutions are missing some code sections that are completed during each exercise and therefore will not work if executed directly.

Inside each exercise you will find an end folder where you find the resulting solution you should obtain after completing the exercises. You can use this solution as a guide if you need additional help working through the exercises.

Using the Code Snippets

With code snippets you have all the code you need at your fingertips. The lab document will tell you exactly when you can use them. For example,

  1. Enable anonymous access to the AuthenticationService service by adding the following element on the Web.config file of the https://localhost/GymFabrikamClientWebEx01 project.

(Code Snippet – SilverlightAndIdentity Lab - Ex01 AuthenticationService location element)

XML

<connectionStrings />
FakePre-dfe5ce3ac5ca44c8805b400a5fc252ec-8d5333f2b38c44c6a801a2ba2db756ffFakePre-0e9028fc7802425c8dd18864cf907433-cf102ee6a7ca44edad35fd3a634340baFakePre-0a96cdfee1d6499486029668d79ab1ba-9d03c7b6c0804462b89139cb66b6e6cd<location path="AuthenticationService.svc"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location>FakePre-8acb8f762e0f404aa145fd426b98724c-89739c0f251a465e9e771c8ee89f5d10FakePre-7a453c16eb0f419b9e6bbc7f38ecc602-5ac7368cf7c943f1a044a5413337e84cFakePre-64fa04fcd1504fc0b340e53eda32f683-079cb68d1fb6434b927782e250079183

To add this code snippet in Visual Studio you simply place the cursor where you'd like the code to be inserted, start typing the snippet name, in this case SilverlightAndIdentityLabEx01AuthenticationServicelocationelement, watch as Intellisense picks up the snippet name, and hit the TAB key twice once the snippet you want is selected. The code will be inserted at the cursor location.

To insert a code snippet using the mouse rather than the keyboard (i.e. for web.config file and any other XML document), right-click where you want the code snippet to be inserted, select Insert Snippet... then My Code Snippets and then select the relevant snippet.

To learn more about Visual Studio IntelliSense Code Snippets, including how to create your own, please see https://msdn.microsoft.com/en-us/library/ms165392.aspx.

Note:
Note about XAML Code Snippets: Since this lab uses XAML Code Snippets and Visual Studio 2010 does not support them, code snippets for XAML have a different header specifying the path of a txt file that contains the code that you should add to the solution.

To use them, navigate to the folder that the header specifies, open the txt file, copy the content and paste it on Visual Studio.

Estimated time to complete this lab: 60 minutes

next >

Downloads

Download The Offline Training Kit
Download Hands-on Lab Document (DOCX)
Download Hands-on Lab Source Files

Contents