Friday, June 27, 2008

Silverlight and REST for corporate (intranet) applications

Danger Will Robinson, Silverlight 2 beta 2's WebClient implementation does not support passing integrated security credentials. I was hoping to implement a RESTful services tier for my intranet Silverlight application using Windows Integrated Security. While this does work brilliantly when using IE as a client, the Silverlight client cannot call the services. There seems to be no good workaround: I could use ASP.NET authentication services using Forms authentication against AD, but I would have to present the client with a login prompt.

FYI, the service configuration for WCF REST and integrated security is as follows:

<behavior name="webBehavior">

<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />

<binding name="integratedWebHttpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>

<service name="AppNamespace.Service">
<endpoint address=""
contract="AppNamespace.Service" />

No comments:

Post a Comment