SilverLight Get user or Windows Credentials

SilverLight hosted in ASPX with WCF integration to retrieve user Credentials:

First Setup IIS correctly:

1:Create a new AppPool in IIS and give it an identity with suitable privileges - Ill call it “NewAppPool”

2: In IIS add a new application “Example”

3. Edit the Basic Settings so your new app uses the “NewAppPool”

4. In Authentication –

· Disable Anonymous access

· Enable Windows Access


This example assumes you have an ASPX site hosting your SilverlightApplication and the ASPX Site also exposes a WCF service that you are using to get\send some data which requires some form of user authentication

In your WCF Config make sure you have your authentication scheme set to Negotiate. Windows or NTLM will not work when deployed on IIS. NTLM will only work on your ASP.NET Development server when you press F5.



        <binding name="MyApsxWebSite.MyService.customBinding0">

          <binaryMessageEncoding  />

          <httpTransport authenticationScheme="Negotiate" />




Now Configure your WCF service\Silverlight to work on IIS.

Wcf First and then ASPX binding’s:

In your binding in the web.config, comment out the IMetaDataExchange. This causes the infamous error “Security settings for this service require ‘Anonymous authentication but it is not enabled for the IIS application ….. ”. This endpoint forces your service to use Anonymous bindings, so remove it or change it..


<service name="MyApsxWebSite.MyService">

<endpoint address="" binding="customBinding" bindingConfiguration="MyApsxWebSite.MyService.customBinding0"

          contract="MyApsxWebSite.MyService" />

        <!--<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />-->



The system.web should be like below– Select Windows:


    <compilation debug="true" targetFramework="4.0" />

    <authentication mode="Windows">




· Now build\save and publish to your IIS location. I have intentionally not mentioned SL app yet.

· Once published and setup correctly in ISS Open your SL app in Visual Studio.

· If you had an existing service reference to this service delete it.

· Now add a new Service Reference and point it at http://MyMachineName/Myservice.svc

· Compile\Build the SL App

· Locate it in the ClientBin folder of your ASPX build location

· Copy it to your published ClientBin folder where IIS accesses it and replace the one that is there with this one.

· Run your service and you should be able to access user credentials by passing them to the SL app via InitParms(Not secure) in your aspx page hosting the SL app.

   <param name="initparams" value="UserAccount=<%=HttpContext.Current.User.Identity.Name%>" />


In SL retrieve them by

       private void Application_Startup(object sender, StartupEventArgs e)


           string UserID = e.InitParams["UserAccount"];


Or in WCF use the HttpContext to do as you require and limit windows access.

You should have your SL app running and retrieving the user credentials you require.

Really hope this helps!