We have 3 tiered architecture:
Web Server - public (web application deployed) App Server - private (webApi deployed) Db Server - private (sql server installed) And my co-worker said, we have this architecture like this, because its a standard architecture that follows everywhere.
We have been using Asp.net application, where we can make api call from Web Server to App Server without any problem.
But now we have been converting our application from Server side to Client side, i.e. we'll only have js, html & css pages in web application, but problem is, we cannot call api using ajax directly from js, because of the two reason.
our App server is on different domain. App server is behind firewall, means it can only be accessed if we are connected to VPN, or we make a proxy on Web Server, and go through that channel. i.e. js<->Web Server Proxy<->App Server<->Db Server. We want to bypass Web Server from the channel, like: js<->App Server<->Db Server without connecting to VPN, because we don't require user to connect to VPN to use our web application.
Please give your suggestions. Thanks..
You have to enable CORS or cross origin resource sharing. You can research more on that but just want to give idea.
Related
I've read that application server can be accessed via API. But I don't get the mechanism of that process. Does it work like that?
So, as for me, firstly, client sends an HTTP request to a hardware server. Here we start to looking for some data. Then, we connect with application server via API. And then something that was found in hardware server changes with application server. And after all, client receives this changed file. Am I right?
And it looks like API always works only with application server. Is it true?
I'm having an issue with a project I'm working on. I have a Vue client which does API calls to my backend which is written in .NET Core 3.1. Both these applications are deployed on diffent servers.
Now the problem is that my backend server does not allow me to do API calls straight from the browser. So I have to do some kind of 'redirect' on the client server to reach my API.
So for example:
If I call backend_server/api/values I get an error (Firewall).
I think I should make like a second API or something, but I'm not sure how to handle this issue.
Does anybody have any experience on this? Any help is welcome!
Kind regards
You can have multiple options here
Remove the firewall rule -
This will allow your API to get hit from browser. If firewall is not managed by you you can't do this
Add IP or Port exception rule in firewall -
Instead of deactivating the entire inbound rule on server, you can allow specific ports or IP on firewall. Again if you have control on firewall
Create Proxy API -
Another way is you can create a middleware API that forwards your request and acts as a proxy. This will suffice performance, resource, time and compromise security. I recommend not to do this, But it's easily possible in .NET Core
Specify CORS policy -
If your Vue.js and API originates from same origin (IP), You can configure CORS in server which will restrict access to API only from same origin. That means only www.google.com can access GoogleAPI, Likewise. This will protect the API from other origins
Tunnel via VPN -
If security is a concern, Use a VPN service to tunnel your API requests. This can't be possible for every client using your web service.
The best way is to open a specific rule on server for your application if possible. Writing a proxy in between will have lot of disadvantages although can be accomplished.
There is a ready azure microservices that I need to build a client app against. There are 2 choices blazor server side and client side. Because the client side is not ready yet and has limited debugging capabilities I want to use blazor server side.
My question is if calling services from blazor server side is possible and if it is a good idea. To use it as a client app?
And also if it is possible to host blazor next to the microservices in azure?
I believe what you are asking is if it's acceptable to use the Blazor server side as a proxy to a microservice?
Technically, there's no reason that you couldn't. You would simply create an HttpClient to call your Microservice assuming that it exposes a REST API.
I'm not sure what you mean by, "..if it is possible to host blazor next to microservices in azure?" If you're using an Azure Web App to host your microservice, you would probably want to create a new Web App for your blazor server side app, otherwise you aren't really getting the benefit from the app service.
There are other options for configuring this type of architecture, but it all depends on your goals. Additionally, you might want to check out the following project:
https://github.com/Suchiman/BlazorDualMode
It will let you run blazor client and server side together. I've used it to help debug client side blazor apps.
I have a number of WCF 4.0 rest services on an internal application server which are accessed from a DMZ'd public facing web server. Essentially I am looking for the simplest way to restrict access to the services to calls from the web server and select internal accounts. It seems like a simple task of which I can find no simple answer.
Info:
IIS6 for both the web server and the application server
.NET 4
Web Server is not a part of a trusted domain
REST Services are 100% code.
Client calls are passing credentials via System.Net.CredentialCache.DefaultCredentials ( not sure if this is the way to go )
For the network part, you can disallow all IP's except the one of the ones you trust in IIS.
I am currently working on a silverlight client, making use of a web server, and an application server.
Most of the users sit within our firewall, so they do not have any problems accessing the WCF service running on the application server (through a Service.svc file).
However, some users will sit outside of our firewall, and only have access to the web server, and not to the application server (Where the WCF service is).
I am hoping someone could tell me if there is a way for the client to use the WCF service on the application server, through the web server, without rewriting the WCF service on the web server, and only relaying the calls through that server.
I hope this is a clear enough description of what I need.
Thanks
Sounds like what you want is a router service. Unfortunately, there's nothing built-in into WCF to do that (at least until .NET 4.0 with its RoutingService.).
You can certainly build it yourself, either by building a specific, one-off routing service (i.e. you implement the same contract and manually forward each operation to the service inside the firewall), or by building a generic, reusable routing service.
If you choose the second option, a couple of articles might help get you started.
Rather than have your Silverlight clients accessing the application server directly, route all the requests through a proxy service on the web server.
An example of this is the "Cross Domain Proxy" pattern.