I have a web application done in razor and i want to convert it to a normal client application. So what i thought of is to self host that web application and serve it through WebControl in WinForms, i already done this using owin. However the self hosted application can also be accessed through a browser or any external machine if privileges are given. My question here, how to prevent any external browser from accessing my self hosted owin web app, and still connect through the my client's internal browser ?
Related
Basic question: how does one setup a web application and web services where they use windows authentication to connect the web application to the web service?
I have inherited an application written in asp.net 2.0 and am working to migrate it to asp.net 4.8. The solution is designed with a project for the web UI and a project for the web services. I have deployed both projects to an IIS site on a Windows 2019 server as separate applications on the same server in the Default Web Site. Each has their own application pool with AppPoolIdentity as the identity and both use Windows Authentication method and have all other authentication methods disabled. Each application is set to use pass-through-authentication when connecting.
When I run the UI application project it tries to call the first web service and I get 401 Unauthorized at the web service call. I have added some logging in the web application and the web service and can see it is authenticating me on the web application and verified the exact url (http://localhost/{appname}/authenticate.asmx) being used to call the web service but it is rejecting the attempt to access the web service with the 401 Unauthorized error from the web application. When I independently access the webservice it is accessible, authenticates me, and works as expected verified by logging output.
What do I need to change to get the application to connect to the web service with the same authenticated user? Do I need to change the AppPoolIdentity to something else like a service account or set it to Network Service or something else? I would have thought the UI application would pass-through the authenticated user to the web wervice but that must not be happening and I am not sure what to set to enable that connectivity.
Thank you in advance.
Current Scenario that works well:
I have a .NET solution that contains 2 projects - Web Application and a Web API Project.
When I need to Publish - I am publishing Web Application first and then Web API project on the Web Server. I am using IP Address to Communicate from Web Application to Call Web API Controllers.
The client now needs this Application to be published to two different web servers that of course have different IPs.
How do I publish because I am using an IP address that is different for both the web servers?
Even if I use hostname/server name, I would get into the same issue of both being different.
Will you have 2 different databases?
I didnt not understand you clearly what is the problem here, if you host Web Application on serv1 and Web API on serv2, Web Application will use serv2 IP address to access the Web API, usualy Web API does not need to access to the Web application since is used just to store and revive data from someware but if u need to push something to the Web Application, Web API will use serv1 IP address to access.
If the WebApp is in angular/react then create the build from VS Code or whichever ide you are using.
If as WebApp you are using Razor/Mvc then remove all the references and then at every call instead of having the call directly have a web api call.
Web Api can be published independently if no references are attached to it.
I have a windows application which shows web page hosted in a website. Because of confidentiality, I don't want to show URL to the user. As this website is hosted on IIS and so user can access website directly through browser if he/she knows URL.
How can I block access of website via browser but not through windows application?
P.S. this website is third pary product hosted on my machine and I cannot do any code change into it.
If you can't make any code changes to the website, it will not be possible to block access based on which system is calling the URL using IIS alone.
One approach would be to put the webserver behind a firewall and implement an authentication / authorization mechanism between your application and the firewall.
I am deploying a .NET web service that connects to a database.
When a user within the domain connects to the webservice, I want their identity to be known by the webservice (since a subsequent call to the DB from the webservice uses a USER_ID() function to know which user is making the request).
The app pool that is running the web service is configured to run under a domain account that allows access to the database. When I query the web service, it is connecting as that account of the app pool, and not the user that is calling the web service.
I have tried various different impersonation configurations but I can't get the web service to interpret the caller's identity. Can anyone advise what I am doing wrong? Is the fact that my app pool that is running under a named account causing the problem? Should it be configured to something else?
No, it's not the app pool's problem. Impersonation has to be also set from configuration files which in fact, it's probably already been specified.
Now, you didn't mention what of service you are using. For the service to be aware of who is making the request through impersonation the service must be running in asp.net compatibility mode so it can participate in the asp.net pipeline. It's a pretty basic topic, but if you need more info, then refer to the MSDN article below
http://msdn.microsoft.com/en-us/library/system.servicemodel.activation.aspnetcompatibilityrequirementsattribute(v=vs.110).aspx
Leo
I am trying to connect to an AX-based web service through ASP.Net and C# but, when I publish my application, querying the web service results in "System.ServiceModel.FaultException: You cannot log on to Microsoft Dynamics AX." However, when I connect to the same web service through a C# console application, the querying works fine. I have copied the code from the console application into the ASP.Net application so that I have ensured that I have done nothing different.
I cannot figure out what the problem could be. I'm sure it's simple but I am at a loss. Any help?
This should be a permissions problem. When you launch the console app it executes through the current user (you, probably you have permissions to connect). When the asp.net site connects it uses an IIS user that needs to have permissions on AX too.