I have a Windows 8 app that I want to connect to a WCF Service hosted on Windows Azure - easy.
The tricky part is that I want to allow only Authenticated users (via their windows live account) to access my service, including being able to pass a unique identifier to the service to identify the user on the Azure hosted app.
All of this plumbing is available when you use Azure Mobile Services, but surely there must be a solution for a regular WCF app within azure.
Azure Mobile Services has a MobileServiceClient type that has all of the required functionality, but I need a regular Azure-hosted WCF equivalent
You can try pulling some of the content from the now deprecated Windows Azure Toolkit for Windows 8. For the moment the Release Preview version is available; it won't work as is since it's pre-RTM, but it should help jumpstart your effort.
I'll re-emphasize though that it's not supported and Windows Azure Mobile Services is the plan of record.
Related
I've seen that Azure App Service mobile apps can implement authentication for multiple identity providers via a single client SDK. If an app hosted on Azure App Service is using ASP.NET Core in the cloud, though, can its UWP or Windows Store client app also benefit from multiple identity providers via a single client SDK?
If yes, then how does that work? Does it use the same mobile client SDK?
If no, then how would I authenticate such a mobile client? Will I have to use individual provider SDKs?
I know ASP.NET Core is still prerelease, but I'm wondering:
What multi-provider authentication functionality is available from a mobile client now?
What such functionality is planned to be available when ASP.NET Core 1.0 is finally released?
What such functionality will likely be on the roadmap for the future?
Azure App Service provides authentication as a service. In other words, the client authenticates to the service, and the service passes on the authentication to you.
Underneath, the app service passes a number of authentication related app settings within environment variables that you can read via the normal method. The original JWT is also passed in via the X-ZUMO-AUTH header.
For your clients, probably the best way is to use the Azure Mobile Apps client SDKs - there are clients for .NET (Xamarin, UWP), JavaScript, iOS and Android. You don't need the data access functionality - just the client creation and login / loginAsync method calls.
For your server, take a look at the Authentication Overview for more information. You may also want to read some of the info in Chris Gillums blog for more technically details.
I currently have a Mobile Application that communicates through a WCF Service to access a Database. The Mobile App can access on the network as well as externally. It connects to the WCF Service which is hosted on one server inside the network. From there the WCF Service is pointing at another server which is hosting the Database that the Mobile Device is accessing.
With the above process how would you setup authentication using Active Directory which would confirm the user of the Mobile Application before it can access the WCF Service to confirm that the user is a member of AD and they can then login after authorization is complete. This would occur as the user opens up the Application. Would this be coded into the App to prompt for the information, then send the information to the WCF Service which would then allow access? If not this then are there any other ways or information/links that can be provided please?
Take a look at the BUILD 2013 videos. Visual Studio 2013 will create a webproject that will automagically do all that for you (I think). Just bare in mind, it uses the Microsoft.OWin.Security beta packages.
Also...you will need to install the AspNetWebTools2013 package first...
http://www.asp.net/visual-studio/overview/2013/creating-web-projects-in-visual-studio#orgauthoptions
I am new to Windows Azure and I have a question.
I have:
Web site which deployed to Windows Azure - The web site manage a table (add, edit, delete). I used this guide: Deploying an ASP.NET Web Application to a Windows Azure Web Site and SQL Database
Andorid application & iOS Application (Native Code).
Now, I want the mobile applications to get data (in JSON format) from the web site (and from the DB).
What is the best practice to do that?
I tried to create a Azure (WCF) Service (the project refrenced to the web site project) but I didn't succeded. If this is the way - Is anyone knows a good tutorial to do that?
Is there another option? Maybe from the web site itself?
Thank you very much,
Yuval
If you want to integrate with non-Microsoft technologies I suggest you take a look at the ASP.NET Web API which allows you to build REST services using content negotiation. Content negotiation allows your consumer to specify the format it requires (json, xml, ...).
To host the ASP.NET Web API in a Windows Azure Web Site you should take a look at Carlos' blog, he describes in detail what you need to do to make this work: Creating ASP.NET Web APIs on Azure Web Sites
Have you given ASP.NET Web API a look-see?
http://www.asp.net/web-api
I have been struggling with setting up an iOS (Objective-C) app which utilizes the Service Management APIs. I've successfully was able to get Storage API calls working fine, but from what I'm reading, one big difference between the two Azure APIs seems to be a matter of authentication. For reference, what I'd ideally like to do is setup a simple API call to list the Hosted Services accounts in an app (eventually geared for public deployment).
According to the API Azure documentation, the Service Management APIs require a management certificate (.cer) to be uploaded and then for the client to utilize that cert to authenticate the request. My hunch is that this will prevent an app like the one I want to create from being feasible by any means, since public users with devices containing the downloaded app won't have that cert or the ability to attach it programatically in the objective-c code.
Is my hunch correct on this? Is this a forlorn idea that should not be pursued? I would think for this to be possible, the user would be required to upload their device's cert file to Azure somehow, and then to somehow have the app use this cert for authentication. I'm a bit lost on where to even begin on that, even if it is possible. :(
Any helpful info would be greatly appreciated. I have a lot of experience in the iOS side of things, but specifically in authentication/certificates of this type, I unfortunately have minimal experience.
Thanks in advance!!
-Vincent
Actually, I have an app that does exactly what you're talking about. CloudTools for Windows Azure is an iOS app that uses the Azure Management Service API to perform Azure management. It's been on iTunes for over a year.
Your question is somewhat broad, but I can tell you that the certificate issues were by far the biggest issues in designing/developing the app. You can't store the certificate in keychain, because keychain works in a manner such as this: a) you request a remote url that requires a certificate; b) that url tells you that it needs a certificate and c) keychain provides an appropriate certificate. It's a multi-request process. That won't work for Azure, because Azure service management APIs expect the initial call to include the certificate.
I require the users to add their certificate through iTunes File Sharing (steps here). Of course, they have to upload the public key portion to Azure. Then, I provide the certificate and private key with each request. I use the HTTP library ASIHttpRequest, although I believe that the latest (iOS 5.x) Apple libraries have similar functionality.
I'd be happy to provide any further details if you have any follow-up questions.
With Windows Azure, if you are using Service Management API then you really need to have certificate based authentication to create a SSL tunnel between your machine which is requesting the connection and Windows Azure Management Portal. I am not sure how wide your iOS application distribution is.
My first thought is that why would you want to deploy Windows Azure application from an iOS application, are you going to build application in iOS devices and deploy? Windows Azure Application deployment is mostly done on client machines so, Azure application management on iOS is great idea, however Application deployment from iOS not sure why. May be you are on something big here.. In both cases you really need Service Management Certificate on iOS device. If it is an enterprise app where you can let users to install Service Management certificate, it would be easier for iOS devices to use Service Mgmt API.
So if you want to use Service Management API from a client iOS app, I think the best solution will be to have WCF service hosted in Windows Azure which is configured to directly connect with your Windows Azure Portal. And from your iOS app, you just make call to your WCF service. This is very popular method to access service management API (through WCF Service) from any client app (WP7, iOS, Android) and the client side code is very light. On other hand you may need to pay to host a WCF service on Windows Azure.
I am on a project that uses web services to communicate with hand held devices (Symbol MC70s running windows mobile 5).
We need to make sure that others on the internet can't connect to the web services and start sending info.
I have made a certificate so that the hand held will only connect to my services, but I don't know how to make sure that my services will only connect to my hand held devices.
My app is coded in the .NET Compact Framework and I am using Visual Studio 2008 SP1. My services are hosted in IIS and are coded with WCF in C# (.NET 3.5 sp1).
Any ideas?
Password-protect the services. Alternatively, authenticate the client by the client SSL certificate and issue those to your users.
No way to lock access down to a specific device. A device can be spoofed fairly easily.
When you say that you've "... made a certificate so that the hand held will only connect to my services", are you saying that the device uses https to the web service or that the device is locked down to only connect to the web service http URL?
Anyway, if you are concerned about the data pulled from the web service, you could encrypt it with a key known to your device.