none
Azure and Silverlight how to do it help please?

    Question

  • We are evaluating Silverlight and Azure. There is unfortunately little support and documentation from the Azure team about how securely perform the following:

     

    1.      Create a client Silverlight application

    2.      Store (Add, Delete, Update) data in the Azure Tables (NO SQL).

    3.      Retrieve the data from Silverlight (securely without exposing the Azure-Tables keys  required to access Tables in Azure).

    4.      Best practices , tutorials and samples.

    Thursday, September 23, 2010 5:43 PM

Answers

  • It is possible. RIA services and OData make it comparatively painless.

    As a general rule, don't ever have the Silverlight app go directly after your storage. Instead, co-host services (wcf, odata, etc..) with the silverlight hosting application and use them to handle back-end updates. This allows you to put a layer of security between the client and the datastores while also ensuring that any necessary business functionality/validation is performed.

     

    This might be a good starting point for you: http://blogs.msdn.com/b/jackgr/archive/2010/04/20/silverlight-samples-for-odata-over-sql-azure-with-appfabric-access-control.aspx

    This blog addresses only Azure - SQL. This is my point there is little information about tables. Hard to make a decision about Azure when this question has no good answers. Thanks
    • Marked as answer by Georgemoon Friday, October 01, 2010 4:28 PM
    Thursday, September 23, 2010 8:53 PM
  • Hi George. Silverlight and Azure are a great combination. You will need to put your code to work with Azure tables in a web service, which I woud recommend you host in Azure. If your web service is hosted in Azure, then its communication with Azure storage will be fully in-cloud and there won't be any concern about eavesdropping. You will want to make sure communication from Silverlight to the web service is secure.
    David Pallmann, Director, .NET Application Development, Neudesic
    • Marked as answer by Mog Liang Friday, October 01, 2010 7:46 AM
    Friday, September 24, 2010 12:41 AM

All replies

  • We are evaluating Silverlight and Azure as part of our learning and research for a project. There is unfortunately little support and documentation from the Azure team about how securely perform the following:

     

    1.      Create a client Silverlight application

    2.      Store (Add, Delete, Update) data in the Azure Tables (NO SQL).

    3.      Retrieve the data from Silverlight (securely without exposing the Azure-Tables keys  required to access Tables in Azure).

    4.      Best practices , tutorials and samples.

    Please help!

    • Merged by Mog Liang Friday, September 24, 2010 2:40 AM
    Thursday, September 23, 2010 5:30 PM
  • It is possible. RIA services and OData make it comparatively painless.

    As a general rule, don't ever have the Silverlight app go directly after your storage. Instead, co-host services (wcf, odata, etc..) with the silverlight hosting application and use them to handle back-end updates. This allows you to put a layer of security between the client and the datastores while also ensuring that any necessary business functionality/validation is performed.

     

    This might be a good starting point for you: http://blogs.msdn.com/b/jackgr/archive/2010/04/20/silverlight-samples-for-odata-over-sql-azure-with-appfabric-access-control.aspx

    Thursday, September 23, 2010 6:22 PM
  • Hi,

    Please take a look at http://obdotnet.blogspot.com/2009/12/beginner-guide-to-work-with-azure-table.html . Hopefully this will get you started with Silverlight and Table Storage.

    Hope this helps.

    Thanks

    Gaurav Mantri

    Cerebrata Software

    http://www.cerebrata.com

    Thursday, September 23, 2010 6:22 PM
  • Thank you for the information. One more question. When searching for answers about the question I posted; found information regarding concerns with using the combination of Silverlight and Azure tables. The concer was that the client silverligth would expose the StorageCredentials and the code atatche to it.

    Can we use Odata / WCF and silverligth (REST?) and pass the information securely? What other concerns about security should we have wehn using Silverlight/Rest and Azure/Storage-tables?

    Thanks for your help!

     

     

    Thursday, September 23, 2010 8:25 PM
  • It is possible. RIA services and OData make it comparatively painless.

    As a general rule, don't ever have the Silverlight app go directly after your storage. Instead, co-host services (wcf, odata, etc..) with the silverlight hosting application and use them to handle back-end updates. This allows you to put a layer of security between the client and the datastores while also ensuring that any necessary business functionality/validation is performed.

     

    This might be a good starting point for you: http://blogs.msdn.com/b/jackgr/archive/2010/04/20/silverlight-samples-for-odata-over-sql-azure-with-appfabric-access-control.aspx

    This blog addresses only Azure - SQL. This is my point there is little information about tables. Hard to make a decision about Azure when this question has no good answers. Thanks
    • Marked as answer by Georgemoon Friday, October 01, 2010 4:28 PM
    Thursday, September 23, 2010 8:53 PM
  • The backend storage is irrelavent. The point is to expose the data via your own services and not put any client credentials into rich client apps. Those clients reside in the hands of your users and therefore, you'll be essentially handing them the keys to the kingdom if you do this.

    You can expose your back end storage via RIA, WCF, oData... use whatever approach you prefer just make sure those layers properly validate any calls.

    Thursday, September 23, 2010 10:47 PM
  • Hi George. Silverlight and Azure are a great combination. You will need to put your code to work with Azure tables in a web service, which I woud recommend you host in Azure. If your web service is hosted in Azure, then its communication with Azure storage will be fully in-cloud and there won't be any concern about eavesdropping. You will want to make sure communication from Silverlight to the web service is secure.
    David Pallmann, Director, .NET Application Development, Neudesic
    • Marked as answer by Mog Liang Friday, October 01, 2010 7:46 AM
    Friday, September 24, 2010 12:41 AM
  • Thank you David.

     

     

    Friday, September 24, 2010 3:41 AM