silverlight security silverlight-4.0 asp.net-membership domainservices

Silverlight Security Context


I am wondering whether Silverlight has a security context where you can flag portions of the code with [PrincipalPermission(SecurityAction.Demand, Role = "Administrator")].

From all the research I've gathered so far, in order to obtain a "user object" you have to write a service (or use the nasty RIA crap they want to complicate our lives with) and pass back and forth a custom-defined user object (which inherits from the UserBase object) that is recognizable by both the XAML (Silverlight) runtime and the WCF service.

Assuming that this much is correct, how do I restrict access to particular screens within the Silverlight app?

How do I set the current security principal to be the same as the user instance returned from the service?

I don't want to reinvent the wheel, and I was hoping I could use the authorization techniques in ASP.NET/Windows inside Silverlight code by decorating screens with the PrincipalPermission attribute or the Silverlight equivalent.

Any help will be greatly appreciated! Thanks,

Martin


Solution

  • As long as the application implements the WebContextBase object in the System.ServiceModel.DomainServices.Client.ApplicationServices.WebContext.WebContextBase namespace (from the WCF RIA SDK), then the security context should be valid. The WebContextBase implements the IPrincipal interface, which in turn makes the usage of [PrincipalPermission(SecurityAction.Demand, Role = "Administrator")] attributes possible throughout the code.

    In order to make this work, in the web project of the solution one needs to add an AuthorizationDomainService, and implement either the default or custom membership & role providers.
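
An added sketch of the setup discussed above (not code from the original post or from the RIA Services templates): the role is enforced on the server with the RIA Services authorization attributes, and the Silverlight client only hides the screen. It uses an explicit IsInRole check rather than the PrincipalPermission attribute; the namespace, service names, the "/Admin" URI prefix and the ContentFrame control are assumptions, and WebContext is the class RIA Services generates into the client project.

```csharp
// ---- Web project (server), one file ----
using System.ServiceModel.DomainServices.Hosting;
using System.ServiceModel.DomainServices.Server;
using System.ServiceModel.DomainServices.Server.ApplicationServices;

namespace SampleApp.Web   // hypothetical namespace
{
    // User object shared with the client; its roles come from the
    // ASP.NET membership and role providers configured in web.config.
    public class User : UserBase { }

    // Exposes login/logout/load-user to the Silverlight client.
    [EnableClientAccess]
    public class AuthenticationService : AuthenticationBase<User> { }

    // The check that counts: evaluated on the server for every call,
    // whatever the client chose to show or hide.
    [EnableClientAccess]
    [RequiresAuthentication]
    public class AdminService : DomainService   // hypothetical service
    {
        [Invoke]
        [RequiresRole("Administrator")]
        public void PurgeAuditLog() { /* privileged work goes here */ }
    }
}

// ---- Silverlight project (client), MainPage.xaml.cs, separate file ----
// Assumes a navigation Frame named ContentFrame in MainPage.xaml and a
// WebContext instance added to ApplicationLifetimeObjects in App.xaml.cs.
public partial class MainPage : System.Windows.Controls.UserControl
{
    public MainPage()
    {
        InitializeComponent();
        ContentFrame.Navigating += (sender, e) =>
        {
            bool adminScreen = e.Uri.OriginalString.StartsWith("/Admin");
            // UI convenience only: the XAP runs on the user's machine, so
            // this check can be bypassed; AdminService still refuses.
            if (adminScreen && !WebContext.Current.User.IsInRole("Administrator"))
                e.Cancel = true;
        };
    }
}
```

A call to PurgeAuditLog from a user outside the Administrator role fails on the server regardless of what the client-side navigation check allowed.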