This question is locked. New answers and comments are not allowed.
I have an ASP.NET WebSite that has authentication already configured. I use a SecurePage:Page class to implement the authorization/authentication. It redirects to the login (forms) when necessary. Session is used to indicate that the user is already authenticated.
I want to add a page that contains a Silverlight app.
I do not want anyone without a current session to be able to access the data service, or the page.
I will make the container page a SecurePage type and that should secure the page. But, I do not think that will secure the service. I do not think I need to secure the xap because it is not usable without data.
Is there a simple way to secure a WCF RIA service in this situation? Perhaps checking for a authenticated Session somehow?
----------
I want to add a page that contains a Silverlight app.
I do not want anyone without a current session to be able to access the data service, or the page.
I will make the container page a SecurePage type and that should secure the page. But, I do not think that will secure the service. I do not think I need to secure the xap because it is not usable without data.
Is there a simple way to secure a WCF RIA service in this situation? Perhaps checking for a authenticated Session somehow?
----------