Last week this was our major research item.How to make Silverlight call a WCF service which needs Windows authentication?
In the ideal scenario ,if the user is already logged in with right windows credentials the system(here Silverlight) should not ask for user name and password again.Silverlight should recognize the user and pass those credentials automatically into the WCF service.We implemented the WCF service with Windows credentials and made the hosting ASP.Net application's authentication to Windows.But it was asking for the user name and password when we call the service from Silverlight.Really that dialog is ugly when comparing to the rich UI of Silverlight.The reason for this is under normal circumstances Silverlight can't access the windows credentials of user.
Avoiding the windows login dialog box
After a tough research, one of my colleague find out a solution to get rid of this windows authentication dialog.The solution is simple.Just add the name of website where the service is hosted, into trusted sites collection of browser.
But this solution has a draw back.The end user has to do this configuration in browser.We can't always expect them to do this setting.So the better way is to create a Silverlight authentication page which accept the windows credentials and call a login service to authenticate the user using the provided credentials.Once we get the user name and password we can easily authenticate the user by calling some native methods.
So if the user has setup the browser settings the Silverlight won't show the authentication dialog.Else show the Silverlight dialog and ask user to enter his windows login details again.
Again another question comes, whether the user will/can trust the website which asks for his windows credentials ? In that scenario forget the rich UI of Silverlight show them the native windows login dialog box...
Some references
Happy Independence day to all My Indians.