I have lot of webapis which are developed and deployed independently.
Each API would have routing for ex:
api/FirstApi
api/SecondApi
These will be deployed under www.myapis.com/.
If I create application for each of the api(s) in IIS, I would access the api as follows
www.myapis.com/FirstApiApp/api/FirstApi
but I want to access it as.
EX: www.myapis.com/api/FirstApi
Or: www.myapis.com/api/SecondApi
I want to remove the application FirstApiApp OR SecondApiApp from the url.
Is it possible to configure this pattern in IIS?
You could have the following structure:
c:\inetpub\wwwroot\api\FirstApi
c:\inetpub\wwwroot\api\SecondApi
And then have a website in IIS mapped to c:\inetpub\wwwroot and inside the api folder you have the 2 applications configured like this:
This assumes that you should drop the api/FirstApi routing from your Web APIs and map them to / directly because the first part will be provided by IIS. If you don't do this the request will become www.myapis.com/api/FirstApi/api/FirstApi which is not the goal here.
This being said, personally I would recommend you against doing this. A better approach would be to have a reverse proxy such as nginx or HAProxy in front which will route requests to /api/FirstApi to for example backend_node:8080 and requests to /api/SecondApi to backend_node:8181. This would allow you to deploy your Web APIs in two separate website in IIS listening on two different ports and keep the routing job to the application layer and not the infrastructure.
Related
I'm having an issue with a project I'm working on. I have a Vue client which does API calls to my backend which is written in .NET Core 3.1. Both these applications are deployed on diffent servers.
Now the problem is that my backend server does not allow me to do API calls straight from the browser. So I have to do some kind of 'redirect' on the client server to reach my API.
So for example:
If I call backend_server/api/values I get an error (Firewall).
I think I should make like a second API or something, but I'm not sure how to handle this issue.
Does anybody have any experience on this? Any help is welcome!
Kind regards
You can have multiple options here
Remove the firewall rule -
This will allow your API to get hit from browser. If firewall is not managed by you you can't do this
Add IP or Port exception rule in firewall -
Instead of deactivating the entire inbound rule on server, you can allow specific ports or IP on firewall. Again if you have control on firewall
Create Proxy API -
Another way is you can create a middleware API that forwards your request and acts as a proxy. This will suffice performance, resource, time and compromise security. I recommend not to do this, But it's easily possible in .NET Core
Specify CORS policy -
If your Vue.js and API originates from same origin (IP), You can configure CORS in server which will restrict access to API only from same origin. That means only www.google.com can access GoogleAPI, Likewise. This will protect the API from other origins
Tunnel via VPN -
If security is a concern, Use a VPN service to tunnel your API requests. This can't be possible for every client using your web service.
The best way is to open a specific rule on server for your application if possible. Writing a proxy in between will have lot of disadvantages although can be accomplished.
I have two projects which are ASP.NET CORE servers (1 BackEnd and 1 Identity Server)
I would like the BackEnd to serve both apps on the same port and keep two separately runable projects.
How can I make this possible ? The purpose is to open only one port to the client.
Thanks in advance
I have two projects which are ASP.NET CORE servers (1 BackEnd and 1 Identity Server) I would like the BackEnd to serve both apps on the same port and keep two separately runable projects.
If your App(s) are hosted on IIS, you can try to deploy your BackEnd service and Identity Server in two separate applications under same web site as below.
Please note that the application's path would become part of the site's URL if we create an application in IIS. To make your Apps can work well, you may need to modify some code to include application's path in URL while you configure Identity Server to protect your BackEnd service.
In IIS, you need to set a binding for each web application. Then each web application will respond to requests for the corresponding binding.
I'm developing an Rest API in Node.js / express to expose resources (to Backend). And another web application that manages Sessions and interacts with the Rest API (to Frontend).
API and WEB_APP, is in same domain, with subdomain in both:
Backend: api.example.com
2 Frontend: www.example.com
The web application is accessed from client with angular.js.
The architecture would be for two situations:
Main_Rest_API <-> WEB_APP <-> Browser_User
Main_Rest_API <-> Rest_SDK <-> Client
My question is:
This architecture is consistent?
What would be the best way to implement this scheme?
Update:
I have to implement this architecture to provide Restfull via OAuth2 to third-party clients also
I don't really understand your question,
are you sure that you need separate servers for serving the web app and for the API? you'll need to handle cross domain requests this way.
if you don't actually need two servers, it'll be simpler to have one app, where /api/ routes (for example) are the REST API. then your AngularJS app can make AJAX requests to /api/
and / will serve the JavaScript web app.
again, I don't understand your question for the case you do need two separate servers.
I have two questions I hope I can get an answer for with regard to my service oriented application
I am creating a service oriented application where controls have no events, it's all done by calling services... that means the service url is written in my jQuery code, but this seems somehow not nice.... It's like what is the best option to save service urls?! I feel it's hard to maintain and not secure when it's written inside the page or inside javascript referenced file.
I am talking to a hosting company and they told me that I can host this application services on cloud server and the application on another servers.... not all in the same server, but my application services are self hosted, I mean the services are inside the application.... so to make things work as my hosting company wants, shall I host the restful services in IIS or how exactly?
Service URL must be in your page or script source file. It can be local address unless you are using cross domain calls and JSONP - cross domain calls requires absolute address. It is the same as any other web technology. If you want navigation to other page, you must provide URL. If you want some picture or css file you must provide URL. Security is up to you.
This will be the problem of cross domain calls. Normally JS calls can be done only to the same domain where the page is exposed. Once the application server is exposed on different domain name your calls will not work. To avoid that you must use JSONP (WCF 4 has support for that). Exposing rest services consumed by your application from self hosted application is strange. REST services are consumed by your clients - they are front-end services and should be part of your application hosted on front-end web server. Your back-end application server should not host anything directly accessible by your clients.
I am hosting a ASP.NET web site containing a wcf web service in IIS 7. The web service is exposed using a .svc file that resides inside the web site's virtual directory.
There's section is this document about optimizing the web service performance by removing unnecessary http modules:
http://msdn.microsoft.com/en-us/library/ee377061(v=bts.10).aspx
My question is how can I do that in the web config without affecting the web site? My ASP.NET web site contains authentication stuff and definitely requires some of those modules (eg, FormsAuthentication). Is there a way to enable those modules only for the web site but disable them when the clients access the web service?
Thanks
You should separete your project into two (web and Service).
After that, create a website into IIS and add those two application separatedly, like that:
That way you can handle different configurations for each site, and configure the modules for a especific "project" (like wcf service).