Beware Databinding Dundas Silverlight Charts

A couple of weeks ago, I finished a project building a dashboard using Silverlight 3.0. (I also finally got to dig into using the Composite Application Guidance, PRISM. I will try to post some observations later.)

One of the third-party controls that I had to use was the Dundas Chart for .Net Silverlight Add on. This add-on provides a Silverlight control that can be used to render Dundas charts within Silverlight.

So, on my dashboard, I wanted to consume a WCF service and bind the returned data to a chart. Digging into the APIs and documentation, I looked and didn't see any standard support to do this. Instead, I saw sample code for binding to ODBC, OLE and SQL data sources by specifying connection string information directly in the Silverlight client code. Before taking advantage of these mechanisms for data binding, think twice! Silverlight is still client-side code and it can be reflected (and I suspect the connection string being sent on the wire to the server component could be sniffed as well).

Looking at the documentation about how the add-on works, apparently the Silverlight control talks to a server-side ASP.Net component to render a chart image, which the Silverlight control simply shows. Since the rendering is all happening server side, I'm surprised there is no way to specify a connection string in the Web.config via a key, instead of exposing sensitive details in client-side code. If I missed something, let me know.

As far as I know, the only way to render charts securely with client-side data is to manually add series and XY points in code. Though effective, it doesn't feel like the most efficient use of developer time. I ended up writing a data binding wrapper class that used reflection to allow consumers to specify properties of an Enumerable object for binding. I wrote this for a client, so I can't post any of the code, but that is the route I would recommend if you need to work with this component.
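A sketch of the reflection-based wrapper idea described above, as an added example that is not the author's client code and uses no Dundas API. `ChartPoint`, `SeriesBinder` and `Extract` are hypothetical names; the assumption is that the caller loops over the returned list and adds each point to a series through the chart control's own API, so no connection string ever reaches the client.

```csharp
using System;
using System.Collections;
using System.Collections.Generic;
using System.Globalization;
using System.Reflection;

// Added example: hypothetical names throughout; no Dundas API is used.
public struct ChartPoint
{
    public object X;
    public double Y;
}

public static class SeriesBinder
{
    // Reads the named X and Y properties from every item in 'source'
    // (for example, the list returned by a WCF service call).
    public static List<ChartPoint> Extract(IEnumerable source, string xMember, string yMember)
    {
        if (source == null) throw new ArgumentNullException("source");
        var points = new List<ChartPoint>();
        Type cachedType = null;
        PropertyInfo xProp = null, yProp = null;

        foreach (object item in source)
        {
            if (item == null) continue;           // skip null rows
            Type t = item.GetType();
            if (t != cachedType)                  // resolve properties once per type
            {
                xProp = GetReadable(t, xMember);
                yProp = GetReadable(t, yMember);
                cachedType = t;
            }
            object y = yProp.GetValue(item, null);
            if (y == null) continue;              // nullable Y with no value: no point
            points.Add(new ChartPoint
            {
                X = xProp.GetValue(item, null),
                Y = Convert.ToDouble(y, CultureInfo.InvariantCulture)
            });
        }
        return points;
    }

    private static PropertyInfo GetReadable(Type type, string name)
    {
        PropertyInfo p = type.GetProperty(name, BindingFlags.Public | BindingFlags.Instance);
        if (p == null || !p.CanRead)
            throw new ArgumentException("No readable public property '" + name + "' on " + type.Name);
        return p;
    }
}
```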
