Sharing authentication across asp.net mvc 3 website and silverlight 4 business application via RIA Services

I have an asp.net MVC 3 website and a silverlight 4 business application. Separately, they both use the asp membership system (the silverlight app through RIA Services). I can run them both separately and create users or login from either the website or Silverlight business app. In this respect, they also share the same database, so registering a user from either one will go to the same tables in the same database.

What I would like to do is host the Silverlight business app in the MVC 3 website and share authentication across the two. This means that the website will have a link to launch the silverlight app, so if 开发者_高级运维I login through the website and launch the silverlight app, I would like the silverlight app to know I am logged in already.

Alternatively, I would like to be able to launch the silverlight app as a standalone desktop application and login through RIA Services there. This part I can do already, but I need to maintain that.

Does anyone have any good ideas of how to host a Silverlight business app in an MVC 3 website and share authentication? Is there a way to convert the default web application that generates when you create a business app into an MVC 3 web application, and might that do the trick? Even if the website can't be MVC, can the authentication sharing be done?

Sorry for the complex description, any help is appreciated. I really am at a loss to find any tutorials or examples of this, which I figured would be a common desire.

If your Silverlight application was initially developed to handle login then you shouldn't have a problem doing this. You can authenticate from an ASP.NET MVC3 app (FormsAuthentication.SetAuthCookie) and have a view that hosts your Silverlight application. When the SL application starts up part of its process is to check if WebContext.Current.User.IsAuthenticated so it will take over from there, if the user is already authenticated your SL app should bypass it's login.

In the ASP.NET MVC3 application you can stick an [Authorize] on the controller for the view hosting the SL plugin. It won't display this view unless the user is authenticated.