I have an ASP.NET Core web app running on IIS. It's using ASP.NET Identity standard user/pass authentication and IdP initiated SSO for certain clients.
Now I need to get some of the web app features to MS Teams. I have gone through the MS Teams dev portal and have a test application up and running. The sample app itself is a Blazor app that we need to install as a separate application (let's say on an Azure app service or IIS).
Is it possible to have the Teams & my existing web application in the same project so that I don't have to create a separate site?
The reason is web app is multi-tenant enabled and have a API layer which anyway will have to be used by Teams app. So, if I can put these two together it may be easy? So in my solution, teams will have separate set of views/controls etc..
I am not sure whether my thought process is wrong in this case. Questions here and here doesn't seem to answer my requirement.
Anyway is this possible?
yes it is possible you can run multiple projects in MS teams the difference would be that they will be having different api endpoints and will be called by different names vice versa. I cant get to know what you exactly want to know but I hope it will help you.
Related
I am building a service-oriented system for personal use (plus few friends may have limited access as well) - the aim is to have a dashboard for controlling my apps running on various machines such as Raspberry Pis (and potentially to be expanded to a VPS or few in future).
The architecture itself is pretty simple. For authentication I want to use AWS Cognito. Services would communicate with WebAPI (and potentially with eachother) using gRPC within a VPN, and dashboard would be served by Blazor server-side (may move to Blazor WASM Hosted model if I find a need for it). Each of the processes may or may not be on the same machine as any other (depending on the purpose). Blazor server may or may not run within VPN (I might want to move it to a separate web hosting later).
I created a simple diagram to visualize it:
The problem comes with authentication. I want to have Blazor server-side and API as a separate processes (for now they're going to run on the same machine, but I may want to move it elsewhere eventually). Ideally authentication should be handled by API, so authentication is client-agnostic, and the API can use it to verify if the logged in user can perform an action - which by itself is simple.
However, I want Blazor server to use and validate that token as well in order to determine what to display to the user. I want to do with the least amount of calls possible - ideally avoiding querying API for every 'should I display it or not?' choice.
I could easily do it by sacrificing possibility to move API elsewhere, and just merge Blazor Server and API Gateway into one project. For my current purpose it would be enough, but it's not an ideal solution, so first I want to look into how could I achieve my original vision.
How could I achieve this (with minimal amount of Blazor server to API queries)?
I was googling for solution a lot, but so far only found either examples of using Blazor server and API as one project, or using client-side calls to API directly.
Thank you good folks in advance.
I need to create an application (Mobile) and a Web application. It needs to use the same database so the same user authentication is required.
Can anyone give me such a demo or an idea where to begin.
I have looked into identity but I see that it is not compatible with Xamarin.
Expected result would be a cross platform login provider
my recommendation is to create one web service that can connect to the db and your mobile app and web app make http get/post calls to the web service. This also means you get to keep db logic in one place instead of duplicated across the applications.
The web app and mobile app should get some kind of authorization token (such as bearer) from the webservice to ensure no ones else is hitting the api.
This question has been asked so many times, and a quick search came up with lot of results. But I haven’t gotten satisfactory answer yet.
We have 2 web applications ( and we may have more in future) App1 is .Net 4 Silverlight Application and App2 is Node.js/Angular application. Both applications have different domains. www.app1.com and www.app2.com The App1 is hosted in IIS and App2 is NOT in IIS
Now, we have to implement Single Sign On Feature to support these applications. I was looking into ASP.NET Identity which is available in .Net 4.5.
Questions
1. So I thought of creating new MVC 5 application using .Net 4.5 that could serve as SSO site. If possible I wanted to use our own SQL server to maintain the credentials. But I am not sure how to share authentication ticket/cookie between sites. I have done this before using Forms Authentication where I had to use same machine key on all websites. But those were all .net applications. However with new identity framework and OWIN and with different types of applications i am not sure. So before I jump into it and start developing I wanted to know is it recommended approach, and if yes, can someone point me in the right direction. An article would greatly help.
2.Second options is to use Azure AD, but I am assuming we have to pay for it( we have MSDN sub) and we do not have local active directory either. Is Azure AD is the right option here? Does it work with Node.Js/Angular application. With Azure AD I guess App1 I may have to upgrade it to .Net 4.5
I'm building a website from scratch using ASP.NET MVC 4.
The application is hosted on Windows Azure.
It's a rather basic website application.
Next, I would like to authenticate my users.
The authentication requirements are, again, rather basic and straight forward.
I did some reading, and it seems that the best two options for me to achieve users authentication are:
1. ASP.NET SimpleMembership
2. Windows Azure Active Directory Access Control
Now, my questions are, which one should I choose? which one is more secured?
It is dependent on what you want. WAAD -ACS gives you option to integrate various identity providers like google,yahoo etc or federate with Active directory services.
But if do not want such options and simply use your existing asp.net membership you can do that as well.
I'm currently planning the creation of a mobile application for ios and android.
The application will permit to the end-user to manage and see the progress of its projects. (Web creation company).
The application will have:
Project management (multiple)
View progress
View tasks
View hours
View files
View messages
Login/Logout form + Profile/Edit Profile section
Send/Reply Messages
Add comment on tasks and files
The question is: What is the best way to create an API (Restful or something else) using the Zend Framework?
This API must and will be integrated to a custom-made Projects Management System and a MySQL DB.
I just working on PHP API (no matter if API is for mobile platforms or another webs) and after realizing between SOAP and REST I chose a RESTful API and I can recommend it...
Zend Framework has components for both of mentioned approaches, but REST is easier and more understandable in comp. with SOAP...
The one thing what you have to think about is logging, you can use HTTP Auth or OAuth (HTTP autentification is easier), but better approach according to me is generate unique API KEY for your users (each user should have own KEY) and this KEY ensure you can recognize user and a security risk is minimal because user do not have to send login and password inside HTTP request (security risk) and in case of KEY is catched on WIFI or infrastructure, hacker do not get user logins to web application, only for API where propably will not be all features what main web app offer.
And if you set some time expiration for you KEYs or IP restriction for KEY, than you can make it more safe:)
Some tip for the end: Implement API as new separated ZF module.
One of the best stuffs I have noticed so far is http://getfrapi.com/
It makes use of everything from Zend to Pear. May be you should checkout the video http://www.youtube.com/watch?v=vJVQi7ZFSaQ