Line-of-business applications have a notorious reputation for being all business and no pleasure. The fact is that "user experience" has never really been a top concern when developing line-of-business (LOB) applications. While many LOB-style applications are putting an increasing emphasis on usability, they often fall short on appeal. User experience is actually a combination of both usability and appeal, as in Figure 1.
LOB applications classically fall somewhere between "Please shoot me!", and "Day Job". But there's no reason they can't fall into the "First Love" category; a perfect mix of usability and appeal.
The first thing to remember about a Silverlight application is that your code is running mainly on the client-side. This setup requires a solid communication layer connecting the client and the server, which is typically accomplished through web services; mainly WCF. Whether your databinding, authenticating, or even validating, you'll be talking through a web service at some point. Of course, you could use AJAX (XmlHTTPRequest) to communicate with the server; scripting the results to your Silverlight code, but that's best left to the hard core scripters out there.
Any line-of-business application is going to have a requirement for some form of authentication. While Silverlight doesn't have authentication built into its core, you can easily re-use the ASP.NET authentication model.
Authentication for a Silverlight application is set up just like a typical ASP.NET application. Permissions can be set for pages and directories, using rules and roles through the web.config file. For most scenarios, Windows authentication will be used, for its tight integration between roles and ActiveDirectory. However, if you choose to use forms-based authentication, you'll need to add a way for the user to supply credentials to your application. This can be done through a typical ASP.NET login page which acts as the gateway to your application. However, if you're creating a full-screen Silverlight application, it's better to provide a login experience which more closely matches the rest of your application. Enter WCF once again.
ASP.NET 3.5 includes WCF services for Authentication, Roles, and Profiles. These services can easily be added to your application in a couple of steps. Because the service is already included in the .NET Framework, you simply need to create an endpoint for the service. The first step is to add the .svc file to your web site. You will want to add a plain text file in this case rather than using the "Silverlight Enabled WCF Service", since you don't actually need a code behind file. Listing One is an example of the AuthenticationService.
<%@ ServiceHost Language="C#" Debug="true" Service="System.Web.ApplicationServices.AuthenticationService" %>
Aside from creating the service wrapper, you must also enable the service in the web.config file. This requires adding the service definition, bindings and behaviors as well as enabling the AuthenticationService through the system.web.extensions tag. Full details can be found in Listing Two.
<system.serviceModel> <bindings> <basicHttpBinding> <binding name="authBinding"> <!-- Transport security is recommended --> <security mode="Transport"/> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="AuthenticationServiceTypeBehaviors"> <serviceMetadata httpGetEnabled="true"/> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <services> <service name="System.Web.ApplicationServices.AuthenticationService" behaviorConfiguration="AuthenticationServiceTypeBehaviors"> <endpoint contract="System.Web.ApplicationServices.AuthenticationService" binding="basicHttpBinding" bindingConfiguration="authBinding" bindingNamespace="http://asp.net/ApplicationServices/v200"/> </service> </services> </system.serviceModel> <system.web.extensions> <scripting> <webServices> <authenticationService enabled="true" requireSSL="false"/> </webServices> </scripting> </system.web.extensions>
With authentication, role and profile services all in place on your web site, you can now add the appropriate service references to your Silverlight application and get to work writing some code.