Silverlight XAP file security
Question
I'm using a standard ASP.NET login page to protect a Silverlight XAP file – I don't want users to be able to download the XAP unless they login in.
To do this I added the following to system.web in the web application's web.config:
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" />
</authentication>
<authorization>
<deny users="?"/>
</authorization>
If I use the application using the Visual studio development web server then everything works as I expect. However, if I use IIS then you can browse and download the XAP without logging in.
Am I missing something or is this not possible?
2 answers
solution1
0 ACCPTED 2011-12-06 16:17:45
You would have to protect your directory in IIS itself in order to deny the user. Here's some information that should help you out: IIS Secure Content
solution2
-2 2011-12-06 15:46:46
To run Silverlight application, a browser need to download xap file. That's why it is impossible to protect your xap file from being downloaded.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.