I've been doing an Intranet application with ASP.Net 3.5, WCF and Silverlight 3 for the last few weeks. It seems that getting these things to play together is not so easy at the moment!
I am using Windows Integrated Authentication for the whole shooting match since it is on an Intranet. I thought that this would make it easy!
The functionality of the Silverlight application changes depending on the roles that the user has. First off, there don't appear to be any user querying facilities in Silverlight (e.g. like the Role Manager method Roles.IsUserInRole(username)). The general consensus seems to be that you should call a WCF service to get this kind of functionality. That is no problem as my Silverlight app already uses WCF!
I have impersonation configured in the web.config for the WCF services and the ASP.Net web site. I can call the services and see that WindowsIdentity.GetCurrent().Name is set to the name of the user accessing the Silverlight app. Great! I can also use the WCF Security Context and see that the current user is the Windows user using the Silverlight app. Happy days!
HOWEVER
Whenever I use a Role Manager method such as Roles.IsUserInRole(username) I get the error:
"Method is only supported if the user name parameter matches the user name in the current windows identity."
I have scoured the Internet looking for a way to get this to work, but alas, I cannot find one. It appears that Role Manager does not work in the ASP.Net, Silverlight and WCF scenario. My solution is this:
///
<summary>
/// Find information about a user's roles.
/// </summary>
/// <returns>The list of roles for the specified user.</returns>
[
{
WindowsIdentity id = WindowsIdentity.GetCurrent();
foreach (var group in id.Groups) NTAccount account = (NTAccount) group.Translate(typeof (NTAccount));
{
string name = account.Value;return userRoles;
userRoles.Add(name);
}
}
Obviously, I'm stuck with Windows Authentication now, but that doesn't really matter to me!
OperationBehavior(Impersonation = ImpersonationOption.Required)]public IList<string> GetRolesForCurrentUser()List<string> userRoles = new List<string>();