As promised here is the code from last night's presentation. Thanks to all who attended. Next month we'll continue to expand on this theme of building a data-centric Silverlight application. We'll attempt to tackle master-detail, validation, and maybe security.
I'll be giving another presentation on Wednesday for the TRINUG Web Application focus group at Channel Advisor (map). This will be a follow up form my last presentation a couple of months ago on data binding. I'll be walking through creating a simple WCF service for handling CRUD operations to a SQL Express database using LINQ. Then consuming the service in a Silverlight application.
In the last presentation we had enough people with laptops that it evolved into a hands-on lab which I thought turned out great. Things moved a little slower, but much more fun than looking at a Power Point card deck! I am hoping we do that again. To help with that the starting project can be downloaded here. It is just the base web project with a SQL Express database. To test it just build and run the project. You should see a grid view with three records.
There is a new developer tool from Microsoft that focus on helping developers produce consistent code for layout, readability and documentation. It comes with 200 best practice rules that are compatible with the default layout settings in both Visual Studio 2005 and Visual Studio 2008.
For more details:
http://code.msdn.microsoft.com/sourceanalysis
http://blogs.msdn.com/sourceanalysis
After spending most of the morning giving this a spin I am glad to finally have something to help keep me in line. I don't completely agree with all of the rules but I am willing to try anything to help me be a better developer.
I've been spending some time exploring Silverlight 2 and having a great time doing so. The more I work with it the more I realize its potential at being a game changer for creating Internet applications. The focus I have had is not so much on the rich eye popping user experience it can create, but more on how to build real world business applications. So after getting my head around using web services within Silverlight I began to explore role-based security. I came across an excelling blog post by Brad Abrams entitled "Accessing the ASP.NET Authentication, Profile and Role Service in Silverlight". It is a great example on how to use WCF to authenticate a user within a Silverlight application using the ASP.NET application services. However with Silverlight truly being a client-side application and not a stateless web page I wanted to see if there was support for a Principal and Identity objects much like we having in Windows and ASP.NET. What I found is that there are no classes implemented within the CLR used by Silverlight not even the GenericPrincipal and GenericIdentity but the interfaces IPrincipal and IIdentity are there to create our own.
To see how I did this you can download the source code here.
In the SilverlightPrincipalDemo project I added two classes called SilverlightPrincipal and SilverlightIdentity that each implement IPrincipal and IIdentity respectively. The SilverlightPrincipal class like other principal classes under the .NET framework will represent the identity and the roles of a user. These classes will also encapsulate the service calls to authenticate a user and retrieve the roles the user belongs to. Since Silverlight will only allow asynchronous service calls these classes also expose events that are used by the application to know when a authentication request has completed. This is also the reason why there is no constructor creating and authenticating a user. Instead the default constructor for SilverlightPrincipal will simply create an anonymous unauthenticated user with no roles assigned. To authenticate a user I added a Validate method to the SilverlightPrincipal class that will call the internal Validate method on the SilverlightIdentity class which will invoke the service call to authenticate the user. SilverlightPrincipal also subscribes to a custom event on the SilverlightIdentity class to be notified when the authentication request is completed. If the user is authenticated the SilverlightPrincipal class will then invoke a service call to retrieve the roles for the user. When the role service call is complete it will fire an event to notify the caller of the Validate method that the request is complete. This event is also fired if the user failed authentication.
Once these classes were created I exposed a read-only property of type SilverlightPrincipal in the App class called CurrentPrincipal so that the principal would be available globally. In the Page class I also created a CurrentPrincipal property that references the principal object in the App class. This was more for convenience. Here is the property in the page class.
1: /// <summary>
2: /// Provides a shortcut to the current application principal.
3: /// </summary>
4: public SilverlightPrincipal CurrentPrincipal
5: {
6: get { return (Application.Current as App).CurrentPrincipal; }
7: }
Here is a sample on using the SilverlightPrincipal class to authenticate a user.
1: //Set up Principal Event Handlers
2: CurrentPrincipal.PrincipalValidationRequestCompleted += CurrentPrincipal_PrincipalValidationRequestCompleted;
3:
4: //Authenticate User
5: CurrentPrincipal.Validate(userName, password);
When the event handler is called it can then update the UI based on the current principal. Here is an example.
1: // Enables/Disables buttons based on the current application principal.
2: LogInManager.IsEnabled = !CurrentPrincipal.Identity.IsAuthenticated;
3: LogInEmployee.IsEnabled = !CurrentPrincipal.Identity.IsAuthenticated;
4: LogOut.IsEnabled = CurrentPrincipal.Identity.IsAuthenticated;
5:
6: ManagerOnlyTask.IsEnabled = CurrentPrincipal.IsInRole("Management");
7: EmployeeOnlyTask.IsEnabled = CurrentPrincipal.IsInRole("Employee");
There is also a corresponding LogOut method in the SilverlightPrincipal class that will invoke a log out service call and then reset the identity back to an anonymous unauthenticated identity with no roles assigned. It also has an event that can be subscribed to so the UI can be updated.
I had the privilege last night to join a small group of fellow developers at the Carolina Ale House for Geek Happy Hour with Brad Abrams, and our DE Brain Hitney. Now it is not everyday you get to sit next to one of the forces that is responsible for your career and livelihood. It was great. Brad asked us about what we did, what we were using, and our opinions. Being the group that we are we're never really shy about expressing our opinions, and best of all you could tell you were being listen to. Another good example about how Microsoft is reaching out to their community base.