Now that we have an ASP.NET application that uses Silverlight, a WCF Web Service and a CouchDB database on AppHarbor, it would be nice to provide the application with Role and Membership management so we can control who has access to our web application.
- First provision the application on AppHarbor with SQL Server support by goining to the application’s page on AppHarbor, clicking “View Available add-ons” and then selecting “SQL Server”
- Then select the Yocto version, 20MB should be more than enough to keep track of our users:
- Under the application’s Variables page you will see the connection strings.
The full connection string can be found by clicking “Go to SQL Server” on the application’s page. Keep in mind that this connection string can be changed at any given point in time by AppHarbor or the SQL Server provider (Sequelizer) but we need it right now for the next step.
- Run the aspnet_regsql.exe tool and use the values from the connection string to install the the tables and procedures in the database. Note: if the tool can’t connect to the database you are probably behind a firewall that blocks out the port the tool uses to connect to the server.
- To use the same database when testing locally you could copy the connection string to the web.config file and configure the membership, role and profile providers:
- Now let’s protect the web service from being used by anonymous users of the web site. To do that create a folder in the web application’s project. I named mine WebServices and drag/drop the the DemoService.svc file into this folder.
- Open the ServiceReferences.ClientConfigin the Silverlight project and add the extra folder to the endpoint addresses:
- Now you can add roles and users using the asp.net configuration tool in Visual Studio.
- On the Security tab page, select Forms authentication.
- You can check the selected providers on the Provider tab page by clicking the second link:
- In the Security page I enabled roles and added two roles (Admin and User) and a single user (in both roles)
- Next I created some access rules. I selected the WebServices folder and denied Anonymous Users access. After that I allowed All Users access.
- The access rules of a folder are added to a web.config that is placed in that folder. Unfortunately Visual Studio does NOT automatically add this new config file to the project and therefore it will not be deployed. So make sure you include any web.config files that are added by the tool to the project. If these files are not deployed your site will not be secured. Click “Show All Files”, right-click web.config and select “Include In Project”:
- If you test the application you will not be able to call the web service because there is no way to login yet. So let’s add that first.
- Open the default.aspx and wrap the Silverlight control in a LoginView. I added a LoginStatus to be able to log out and a Login control to be able to login:
</pre> <form id="form1" style="height: 100%;"> <div id="silverlightControlHost"><object width="100%" height="100%" classid="clsid:dfeaf541-f3e1-4c24-acac-99c30715084a"><param name="src" value="data:application/x-silverlight-2," /><embed width="100%" height="100%" type="application/x-silverlight-2" src="data:application/x-silverlight-2," /> </object> <iframe id="_sl_historyFrame" style="visibility: hidden; height: 0px; width: 0px; border: 0px;" width="320" height="240"></iframe></div> </form> <pre>
- Note that you could also add access rules to the ClientBin folder where the Silverlight XAP resides. That way you’d be securing the XAP as well.
- Now you are ready to deploy. Just commit the last version to version control and push to BitBucket.