I am using the SecretManager tool in aspnetcore to store a connection string during development to keep it out of source control.
This works just fine.
But now I want to publish the app to Azure. When it publishes, there is no connection string in appsettings.json so the app cannot connect to the database.
So how am I supposed to include the connection string?
If I simple add it to appsettings.json, does it not defeat the whole purpose of using the secrets manager? As now I have put a username and password into a document which is under source control.
Is there something I am missing? Am I supposed to FTP to the site and add it there?
You're supposed to put it in the Azure site settings. That's the preferred approach.
If your json looks like this:
{
"ConnectionStrings": {
"Context": "Server=(localdb)\\mssqllocaldb;Database=local-dev;Trusted_Connection=True"
}
}
You create a connection string with the name Context (alternatively a setting with the key ConnectionStrings:Context) and enter your connection string in the apps Application Settings page:
Just make sure you're using environment variables in your Startup:
var builder = new ConfigurationBuilder()
.AddEnvironmentVariables();
Related
I have created my first ASP Core MVC 3.1 app and published it in Azure. This works fine but I noticed that my settings.json file is visible in the root exposing my db connection string and Azure AD info.
I have been successful in 'hiding' the db connection string by adding a new connection string called Database in App Service>Settings>configuration. I named it the same as the entry in my settings.json file and it magically works. I have now removed this from the settings.json file.
In Startup I use
var connection = Configuration.GetConnectionString("Database");
services.AddDbContext<BookStoreContext>(options => options.UseSqlServer(connection));
The Azure login info is in an Array so I am not sure how I add this to the App Service Settings:
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "xxxx.onmicrosoft.com",
"TenantId": "xxxxxx-a2dd-4fde-bf8f-f75ab18b21ac",
"ClientId": "xxxxxxxxx-a9bb-4722-b615-6dcbdc646326",
"ClientSecret":xxxxxxxxxxxxxxxxxxxxxxxxxx",
"CallbackPath": "/signin-oidc"
},
In Startup I use:
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
Any help will be much appeciated.
Thanks,
According to my test, if you want to store array settings in Azure App Service configuration. You have two choices.
With Azure APP service window, you can store it like {"AzureAd:Domain" :""}
With App Service on Linux or Web App for Containers, you can store it like {"AzureAd_Domain" :""}
The Azure login info is in an Array so I am not sure how I add this to the App Service Settings
You can try to add these setting data with nested JSON key structure as below in Application settings.
For more information about setting configuration keys and values, please check these Docs:
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/configuration/?view=aspnetcore-5.0#configuration-keys-and-values
https://learn.microsoft.com/en-us/azure/app-service/configure-common#add-or-edit
I have created logic apps in Azure that uses my credential to connect to our SharePoint Online sites and then run without me being around. I want to perform more complex operations on the SharePoint sites and would prefer to create a C# Function App. However I cannot see a way to pass my credentials to the Microsoft.SharePoint.Client without my having to be there to authenticate. I have researched using a certificate but that requires admin approval which I cannot get. Is there a way for me to use the existing SharePoint Logic App connection, which has my credential information, and pass that to a custom Function App? Here's a quick image of how the connection looks in the Logic App. Instead of using the built in Azure action, I want to replace it with my custom Function App passing that connection to the function app.
Then I would need use that to somehow create the ClientContext:
var ctx = new ClientContext(siteUrl);
ctx.ExecutingWebRequest += (s, e) =>
{
e.WebRequestExecutor.RequestHeaders["Authorization"] = "Bearer " + authenticationResult.AccessToken;
};
return ctx;
Which could then be used against the SharePoint site:
using (ClientContext ctx = await csomHelper.GetClientContext(siteUrl))
{
Web web = ctx.Web;
ctx.Load(web);
ctx.ExecuteQuery();
log.LogInformation($"found site : {web.Title}");
}
While I believe there is no way to fetch the access token from an existing connection, you could expose your function app as a custom connector for use in logic apps.
Firstly, you would need an Azure AD app registration with appropriate permissions to sharepoint.
Then, while creating the custom connector, the security config should be Generic OAuth 2.0 with appropriate details of the Azure AD you created earlier.
And you can then use the custom connector in your logic app, which will trigger an OAuth flow similar to other connectors.
There is an official doc for creating a custom connector for an Azure AD protected Azure Function which is pretty similar and something that you can refer.
I'm new to ASP.NET Core. I am trying to develop a simple ASP.NET Core Web API. The API connects to the database server in the cloud. I stored the connection string in the appsettings.json, deployed the API to my local IIS, and ran the service. It worked fine. When I try to move the connection string to the environment variables and deploy again, the Web API does not work. The browser shows me "The page isn't working. HTTP error 500".
I have couple of questions to ask:
In a real world application, where should we store the connection string and deploy to the server since the user name and password is sensitive?
What's wrong with my Web API, since it wont work when the connection string is stored in the environment variables?
Thanks
You should try this
In Program.cs
WebHost
.CreateDefaultBuilder(args)
.ConfigureAppConfiguration(
(hostingContext, builder) =>
{
var environment = hostingContext.HostingEnvironment;
var configuration = new ConfigurationBuilder()
.SetBasePath(System.IO.Directory.GetCurrentDirectory())
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{environment.EnvironmentName}.json", optional: true, reloadOnChange: true)
.Build();
//codes...
})
.UseStartup<Startup>()
.Build()
.Run();
and your file names should be like appsettings.Development.json, appsettings.Staging.json, ...
I answer your first question: If you want protect your username and password
You should use third-party applications (like consul)
You hash your configuration file. But this method does not make
sense.
You do write and use hard code. But not change except deploy.
I have a Sharepoint 2010 webpart that calls a WCF service.
I've created a service proxy and manually coded the endpoint, see below.
In a conventional WCF client I'd use the config files for the configuration and use transforms when I was buiding for deployment to different environments.
How would I achieve the same through a Sharepoint webpart? I want to put the configuration somewhere that it can be changed for different build configurations.
ie. For a local deployment during testing, then a test server, production. We're trying to automate this as much as possible.
Thanks,
Tim
UPDATE:
I'm aware that you need to put config data in the web.config file in sharepoint. I'm looking for a way to put these config settings into source control and have them automatically populate / deploy for different builds and environments.
namespace CombinedPortal.WcfClient {
public class FrameworkServiceProxy : IFrameworkService
{
private IFrameworkService _proxy;
public FrameworkServiceProxy()
{
var endpoint = new EndpointAddress("http://server:1234/FrameworkService.svc");
var binding = new WSHttpBinding(SecurityMode.None);
_proxy = new ChannelFactory<IFrameworkService>(binding, endpoint).CreateChannel();
}
public Framework GetCurrentFramework(double uniqueLearnerNumber)
{
var fw = _proxy.GetCurrentFramework(uniqueLearnerNumber);
return fw;
}
} }
Your code is C# code which executes on the server.
When then user presses a button on a web part there is a POST back to the Sharepoint web server, where the C# code executes.
It is therefore the web.config of your SharePoint site which is used.
I'm relying on a server backend for my WP7 app.
The server part is to be installed by the administrator on a host computer (not important).
I have to change the url in the app dynamically the first time the app is running on the phone (the user will be prompted to enter the url, and it will be saved in the isolated storage on the phone)
Question is: How do I change the url from the default app to point to the new url given by the user.
The webservice is a WCF service which holds all the data properties and collections, those I need in my app.
Let me know if
Actually I needed to change the url on the generated *Client.
So it looks like:
client.Endpoint.Address = new EndpointAddress(new Uri("http://server/service.svc);
If you're using c# you can change the service url by changing the url property on you serviceobject.
Service myService = new Service();
myService.Url = UrlToService;
myService.doLotsOfStuff();
Assuming its the same as full .NET, try this
WebSerivce.url = UrlFromUser.