Silverlight: The Good. The Bad. The Security?
Like a bolt from the blue, Microsoft drops Silverlight on an unsuspecting developer community! Well, sort of. We all have seen WPF/E and kicked the tires of XAML for some time now, but it wasn't until MIX07 that some fascinating details were brought to the fore, as it were, and now the pony is on display. And there's lots of excitement and buzz around this oddly-named technology; the bandwagon seems about to bust from all the jumpers-on.
(On a side note, it has even had the remarkable effect of lurching me out of blog hibernation.)
But wait. Before I start singing "Oh Hail All Ye Redmond" and get carried away on the Vector Train, I feel compelled to offer my own perspective on how this changes the life and times of a corporate software developer. This view certainly isn't everyone's, but here's the dealio as I see it.
I really hate browser apps. They suck on many levels. Markup-script-css-based applications are a pain in the neck. You've got state issues, browser compatibility issues, and maintenance issues. I understand their use when creating public-facing web sites, of course, and the ease of deployment. That deployment bennie is the drug that corporate management got hooked on. (And not just where I work. This is a worldwide epidemic.) Browser-based apps relieved some of the pain of deploying internal applications to the desktop. But one of the problems I've been trying to deal with for the past ten years is that corporate management won't give them up, even though dll hell is a thing of the past, and we now have a good, stable deployment system with ClickOnce. No, they want their browser applications, even for stuff completely inside the firewall. <sigh/> So for long years we developers have had to struggle with crappy underbaked technologies (the aforementioned markup-script-css), attempting to create rich interactive applications. [Note: Let me say that ASP.NET was a huge leap forward, but even with code-behind and all the goodness of the Framework, RIAs were still too hard to create and maintain.]
With Silverlight, we can actually create that RIA in the browser. Management can continue with their deluded view that browser apps are better, and it won't be as painful for developers. So now I have to re-phrase my stance that browser apps suck, and say that markup-script-based browser apps suck.
Silverlight applications will be a great fit for internal, intranet-type apps, where Active Directory and other Windows-centric security is firmly entrenched. As long as everything is entirely on the inside of the firewall, party on.
Silverlight applications will be a great fit for those few-but-high-profile applications where all users are anonymous and all users are provided the same services and information. If the transit authority wants to show bus routes, or the boys in London want to give you a vector-animated rendering of The Tube, that'd be easy peasy.
However, what I haven't seen, and what I'd like to see, is a best practices article from Microsoft on how to secure Silverlight applications for sensitive data in the wild.
Consider. For a markup-script-based browser app, we use Https to secure the communication between the client browser and the webserver. The webserver needs information from internal services, such as GetCustomerInvoice(CustomerNumber, InvoiceNumber). From the webserver in the DMZ to the internal service inside the firewall, there are a number of things we can do to harden that channel of communication. We all know this, and it's mission-critical that the right invoices get displayed to the right customers.
With Silverlight, the developer is extending that webserver-to-service call out into the wooly wilderness of the Internet. The call is being made from the browser, then proxied by the webserver, relayed inside the firewall to your corporate service (which should be a Wcf call, but could also be a Sql database). Should I be nervous about putting that code --- previously only available to those who can hack my webserver --- right out there on the client? How important do user SessionTokens become now, eh?
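To make the concern above concrete, here is an added example (my own illustration, not code from the post, from Microsoft, or from any Silverlight sample) of the server side of that GetCustomerInvoice call. The naive version takes the customer number at face value, which is tolerable only while the caller is the trusted webserver in the DMZ. The hardened version treats the request as coming from an untrusted client: it resolves the caller's identity from an opaque, server-held session token, checks the token's expiry, and refuses to return an invoice that does not belong to that customer. The invoice table, session store, customer and invoice numbers are all constructed for the example; names such as can_access are hypothetical.

```python
"""Server-side authorization for a service call that a browser client can now invoke directly."""
import secrets
import time
from dataclasses import dataclass

# Constructed sample data: invoices keyed by (customer_number, invoice_number).
INVOICES = {
    ("C100", "INV-1"): {"customer": "C100", "amount": 120.00},
    ("C100", "INV-2"): {"customer": "C100", "amount": 45.50},
    ("C200", "INV-7"): {"customer": "C200", "amount": 999.99},
}


@dataclass
class Session:
    customer_number: str
    expires_at: float


# Server-side session store: opaque token -> Session. The client only ever
# holds the token; the customer it maps to is decided and kept here.
SESSIONS: dict[str, Session] = {}


class AuthorizationError(Exception):
    pass


def _now(now):
    return time.time() if now is None else now


def create_session(customer_number, ttl_seconds=900, now=None):
    """Issue an unguessable session token bound to an authenticated customer."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = Session(customer_number, _now(now) + ttl_seconds)
    return token


def get_customer_invoice_naive(customer_number, invoice_number):
    """The webserver-to-service pattern: the customer number is trusted as given.
    Safe only while nothing but the webserver can reach this call."""
    inv = INVOICES.get((customer_number, invoice_number))
    if inv is None:
        raise KeyError("no such invoice")
    return inv


def get_customer_invoice(session_token, customer_number, invoice_number, now=None):
    """Hardened version for a call reachable from the client.
    Identity comes from the server-side session, never from the request body."""
    session = SESSIONS.get(session_token)
    if session is None or _now(now) >= session.expires_at:
        raise AuthorizationError("invalid or expired session")
    # The client may still send a customer number; it must match the session's.
    if customer_number != session.customer_number:
        raise AuthorizationError("not found")
    inv = INVOICES.get((customer_number, invoice_number))
    # Same error for a missing invoice and for another customer's invoice,
    # so the response does not reveal which invoice numbers exist.
    if inv is None or inv["customer"] != session.customer_number:
        raise AuthorizationError("not found")
    return inv


def can_access(session_token, customer_number, invoice_number, now=None):
    """True if the hardened call would return the invoice, False if it refuses."""
    try:
        get_customer_invoice(session_token, customer_number, invoice_number, now)
        return True
    except AuthorizationError:
        return False


if __name__ == "__main__":
    tok = create_session("C100", now=1000.0)
    print(get_customer_invoice(tok, "C100", "INV-1", now=1001.0))      # own invoice: returned
    print(can_access(tok, "C200", "INV-7", now=1001.0))                 # another customer's: False
    print(can_access(tok, "C100", "INV-1", now=2000.0))                 # expired session: False
    print(get_customer_invoice_naive("C200", "INV-7"))                  # naive: no check at all
```

The point the post raises is the one the hardened function makes explicit: once the call is issued from client code, the session token is the only thing standing between a user and someone else's invoice, so it must be unguessable, short-lived, and resolved to an identity on the server rather than echoed back by the client.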
I'm excited about Silverlight. Coolness factor is off the hook. And honestly, I can't wait until I can say that the markup-script is dead. (I'll settle for mostly dead, even though mostly dead means a little alive.)
And I'm confident that these security issues will be worked out to most people's satisfaction. Looking forward to that whitepaper, Redmond.