I'm working on an exercise and i want a help. So far I have to created an MVC4 Internet Application using C# and uploaded it to azure as a web site (custom create with sql server). Now I want to create a web service to use the same database that my web application is using. How I can do it?
I found an option when you create a new project (C#->Cloud Project-> Windows Azure Cloud Service)
Note that then i want to use the web service with workflow based service
Thank you
Connections to SQL Azure are just Connection Strings. This isn't any different than creating applications on premises or hosting them elsewhere. Get the connection string of your existing Azure SQL Database and then use that when setting up your database calls in your web service project. You can get the connection string from the Windows Azure Management portal. Dig down to the database and there will be a Show Connection Strings option on the dashboard page for the database. See this documentation if you aren't familiar with working with connection strings Azure SQL: http://msdn.microsoft.com/en-us/library/windowsazure/ee336282.aspx
Note that Azure SQL Databases do not support integrated windows authentication, so the connection string will contain the username and password. You may want to look into securing that information in your configuration.
Related
I am creating .Net Core 5 windows service (using worker process template) which has azure SQL DB implementation.
I have a requirement to create a SQL connection string without userid and password.
I know there is something called Managed Identities however so far I read it only talks about
achieving this for azure APP services. Could not find any example with .Net Core worker service
As I am creating windows service and it will be deployed in multiple VMs how to create connection string without userid and password?
On workaround try with these
1) Azure AD token, Use the Azure Active directory for Azure SQL Server Authentication
This authentication method allows middle-tier services to obtain JSON Web Tokens (JWT) to connect to the database in SQL Database, the SQL Managed Instance, or Azure Synapse by obtaining a token from Azure AD. This method enables various application scenarios including service identities, service principals, and applications using certificate-based authentication. You must complete four basic steps to use Azure AD token authentication:
Register your application with Azure Active Directory and get the
client ID for your code.
Create a database user representing the application.
Create a certificate on the client computer runs the application.
Add the certificate as a key for your application.
Example:
string ConnectionString = #"Data Source=n9lxnyuzhv.database.windows.net; Initial Catalog=testdb;";
SqlConnection conn = new SqlConnection(ConnectionString);
conn.AccessToken = "Your JWT token";
conn.Open();
For more details refer this document: https://learn.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-configure?tabs=azure-powershell
2)
Try with the storing the connection string(sensitive information ) in Azure Key Vault and retrieving it dynamically for establishing database connection.
For more details refer this document :
https://learn.microsoft.com/en-us/azure/key-vault/general/tutorial-net-create-vault-azure-web-app
I recommend that you follow these steps.
Set up managed identity on your VMs
Create a managed identity on each of the VMs.
Grant these managed identities access to the Azure SQL database by creating a contained database user, and assigning the right permissions to these users.
See this documentation page, up to and including the "Create contained user" section.
Leverage managed identity from your application
The recent versions of the .NET SQL driver, Microsoft.Data.SqlClient, can handle the process of acquiring a token from Azure Active Directory and using it during the SQL queries. This replaces the common authentication method of using a username and password in the connection string.
This means that as a consumer, you don't need to deal with the token acquisition process, nor the caching or the renewal of the tokens.
A couple of resources to do this:
Official Microsoft documentation: https://learn.microsoft.com/en-us/sql/connect/ado-net/sql/azure-active-directory-authentication?view=sql-server-ver15.
A blog post I wrote showing how to leverage the newer versions of Microsoft.Data.SqlClient: https://mderriey.com/2021/07/23/new-easy-way-to-use-aad-auth-with-azure-sql/.
I'm evaluating Xamarin and Azure. I would like to use App Service as a backend store.
I downloaded the C# backend and the Xamarin.Forms client application
I published the backend but it doesn't create the TodoItem table in my SQL Azure database.
It's possible to create this table by selecting the Node.js backend and click the Create TodoItem table. After this, the client application works nicely.
So, is there something to do for the C# backend to create the tables at startup?
is there something to do for the C# backend to create the tables at startup?
1.Add the data connection for Azure mobile service
2.Download the C# backend, and publish it to Azure. Make sure that conection string is the same as azure mobile App.
3.After that we could visit the browser
(http://yourmobilesitename.azurewebsites.net/tables/todoitem?ZUMO-API-VERSION=2.0.0)
it will create todoitem table for us automatically.
4.Check it from the VS Server Explorer
Note: If we want to connect the Azure SQL, we need to add the client ip in the Azure SQL firewall to allow our client to connect.
Another way is that we could use code-first migration easily to do that. I created a demo before, more detail please refer to another SO thread. We also could get more info from this tutorials.
I am currently developing several applications, mostly hosted on Azure : an Excel add-in (Office Apps) that calls an API hosted on Azure, a web application hosted on Azure, and probably other applications later.
To authenticate users, I use Azure Active Directory (Azure AD), based on Token authentication for the web API, and OpenID for the web application. Every call to the API or web app is thus authenticated thanks to the Azure AD, so Role-Based Access Control can be implemented in the application layer.
These API/apps are often calling an Azure SQL database and my question is the following : is it possible to use the authenticated user (from Azure AD) to also authenticate the database access ?
Currently, database credentials are hardcoded in the connection string (the login is created for the application), but this does not allow strict DB access control rules.
Additional information : integrated authentication (using Windows user) is not possible, because Windows login and Azure login are different in my organization : Azure and Windows Active Directories are different.
Thanks a lot for your help.
Yes, Azure SQL Server supports Azure Active Directory authentication. This article describes how to set it up: https://learn.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication
Your database needs to be V12 for this feature. If it is not you can upgrade it to V12.
You can then connect to your database with a connectionstring like:
string ConnectionString = #"Data Source=n9lxnyuzhv.database.windows.net; Authentication=Active Directory Integrated; Initial Catalog=testdb;";
SqlConnection conn = new SqlConnection(ConnectionString);
conn.Open();
I have a website, but some of the back-end infrastructure is little slow.
So I am planning to get help from CLOUD, I haven't decided which one yet.
I need to know does Microsoft Cloud does the same thing.
What I need is following,
1) Have database on external web resource.
2) Have code and http enabled methods that I will write in C# and place it on Cloud.
3) And call the methods in step 3 from my asp.net MVC wesite's codebehind and client side(javascript).
I need to know if I get support from Microsoft Cloud platform, will I get the solution required in above 3 mentioned points?
And if I get support from Microsoft Cloud, then the coding syntax for SQL, will be same as if I run queries against normal SQL Server database
Thanks,
If I am understanding you correctly in that you are looking to have a cloud hosted SQL database and HTTP access to this database through custom C# code, then yes to all three of these.
You can set up your database as an Azure SQL database and create an ASP.NET WebAPI application to open up your database to HTTP calls as you see fit. Then you can use the REST client of your choice to access your database from your MVC controllers or through Javascript in your views.
Also, yes, SQL syntax for Azure SQL is the same as for regular SQL Server.
I deployed my MVC application on the WindowsAzure staging environment. I used universal provider for membership. But i am little bit confused.
My confusion is that i created some accounts on my local machine now after deployment when i am trying to access those accounts in cloud, i got error message incorrect username or password but if i am accessing those accounts from my local machine, then there was no error message. I did`nt change the connection string. Can anybody please explain me the concept or give me some reference link ?
As you asked for concept on how it works, i can explain it. When you are using ASP.NET Universal Providers in your MVC app, there must a database where it can be configured. In most cases SQLExpress is the local database used by Universal Providers to store the membership details.
Now when you deploy your application to Windows Azure as Cloud Service there is no local database configured so your default configuration to Universal Providers will not work. The best way to solve this problem is to configure your MVC application universal providers to use SQL Database even when you are testing locally. Once local tests are completed and your deploy your application to Windows Azure, because your application is still pointing to SQL Database, it will work without any problem (considering you have configured SQL Database properly).
This particular article shows different connection strings used in MVC application to connect with SQLExpress or SQL Database so you can use it to modify your SQL DB.
You'll want to set an explicit <machineKey> in your web.config. That key is used for a number of things relating to sessions and membership (like cookies and passwords). If you don't specify the key explicitly, Windows Azure chooses one for you on each deployment, which will invalidate existing auth cookies and stored passwords.