I'm new to azure, and I'm trying to setup a single page website(web api 2). How can I limit access to my services so only my website can use it?
I know that I can use app services to setup my web applications/services but as far as i understand it will be open to everyone.
I also read about APIs, but Api management service seems very expensive and advanced for such a simple task. Is there any options? Am I in the wrong track?
Update
Ok, I saw the link for filtering based on IP. But as I've mentioned that single page application also is hosted on Azure. There is no static IP. If that is the way, I still need to know how you will find out about the IPRange.
App Service to use different authentication providers Azure Active Directory,Facebook,Google,Microsoft,Twitter.
We can set any type of Authentication/Authorization in the Azure Portal.More info about how to use authentication for API Apps in Azure App Service, please refer to document.
i need to build this architecture and i need some orientation on "how should i build". I've read many docs and examples but i can't find and figure how to do trying to be efficient and secure:
External app (android app, ios app) where users, after a login, can access to their personal info and manage the account (updating personal data, showing personal documents related to their account and much more). The username / pwd input must be done only 1 time.
A public wcf service will receive their actions and will call to a another internal wcf service. It will work like a 'bridge'.
The internal wcf service will get the request and do the operations needed (logical and db operations). This will return data to the external wcf service and this one to the client (obvious).
UserName/PWD are stored in a database.
WCF services can only be accessed with the correct credentials and are IIS hosted.
So i find many problems/questions:
I don't know HOW and WHERE should I build the AUTH (internal, external, both?). How can i manage a session between wcf services and app clients to avoid sending credentials every time?
The client app needs to send credentials every time? This means every service requires to SELECT the database for checking the username?
SOAP? Rest Services? It doesn't care? (on internal wcf, external wcf, both?).
I need work with asp.NET sessions or i really don't need? I don't see how services that needs username/pwd that are called frequently and repeatedly are efficient without old asp.net sessions.
Thanks for your help and orientation.
Regards!
If someone interested... seems Routing Service seems to fit for my design and can solve my problem after some tests i have done.
We(our company) is hosting a asp.net C# Cloud Services with a Web Role for a Reporting WebSites.
Unfortunately, usage of the reporting Website is growth that original is only hosting with Medium Size VM and find out its having a memory leak that cause the Cloud Services is always down and stop working. End up we move to A7 VM(Okay, thats expensive) that solved our problem for 2-3 month.Somehow, new stuff develop new function develop that end up the memory is more than enough(its 56GB RAM) but the process is not really can fulfilled such expensive usage in the same time.
Looking for solution on the web and found out there was a shared cache that can be used.
We decided to move from A7 to XM VM (A7 not supported shared cache) and with a Dedicated Roles For Shared cahce.
What we wish to achieve is load balance between few instances(if one down, it will redirect to another instances) and having the dedicated roles stored all of our session stuff.Am i going the correct direction for this?
And if yes, how to achieve this? I look into this and is that really need to sign up a preview program for cache services for using this?
Appreciate for the advice and please point out my mistake if any.
**Somehow, after reading stuff from web i found out the above mention method is a new method and the old ways is In-Role Cache that i can see it from here. Is that possible to used this method for sharing Session State among multiple instances even if one of the instances is down and route to another instances that are available and used back the session?
The best option for you is to use the Windows Azure Cache Service (Preview). This will let you share session state among multiple instances of your application.
You will need to sign up for the preview service. the cache core is mature and customers are encouraged to use this service in their production applications.
This service lets you use the cache from multiple cloud services, allowing you to share data across applications too. Also, this removes the dependency for you to use XL VMs just because In-Role Cache wasn't supported on A7.
Also, to be clear, Cache has 3 flavors -
1. Shared Caching - This is a multi-tenant service and is being deprecated
2. In-Role Caching - Here the cache is deployed in your cloud service and can only be used from within the cloud service. This is of two types - Co-Located & Dedicated.
3. Cache Service (preview) - The newly released service.
There is nothing called Dedicated Shared Cache. :)
I'm contemplating the use of Amazon's CloudFront service to offload my web applications image/file storage from my web host.
Users of my app can upload images, the image is named and the path is stored in a database. I'm thinking of just having the app upload the image to CloudFront and then change the path to use the CloudFront service. Shouldn't be too hard...
I've read of other developers using CloudFront for static images and haven't seen too much about using it for the primary storage of images that can be uploaded/deleted at any time.
My app is ASP.NET MVC based, using C#. Has anyone used C# to setup an upload to CloudFront, from the user's uploaded file?
Anyone recommend against this? The pricing looks affordable and the speed looks fantastic. The only thing that comes to mind would be in developing it, are there any technical difficulties in developing this that I'm unaware of?
Should just be a simple file upload as long as my web app has write permissions, am I correct?
Thanks in advance!
As with all newer technologies, do expect a tat of technical difficulty somewhere along the road but from what I read, it seems relatively safe. For sake of disclosure, and balance, I should mention a 7 month study by the University of New South Wales in Australia found some notable inconsistencies in the bandwidth/responsiveness within individual cloud hosting providers.
Another concern is the possible hikes in pricing of "cloud" services. Providers are, at the moment, all in the process of getting market share; will they eventually try more realistic prices...
Another remark, however, is that it seems that your are keeping a traditionally hosted application and merely putting the file server in the cloud. This strikes me a bit as odd, since file serving is a cheap, easily scalable resource in the single-server type configuration (except of course if you plan on a home run and have your application see traffic like that of Google ;-) ). Could it be that the traditional hosting provider has hiked his per-Megabyte rate ?
Can anybody tell me what is meant by web services?
How do they work?
and more information about it.
Web services are typically application programming interfaces (API) or web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services. --Wiki
Wiki has a good article on Web Services, you'll find a load of information there.
http://en.wikipedia.org/wiki/Web_service
As Andrew Tanenbaum and Maarten van Steen say in Distributed Systems - Principles and Paradigms, 2nd Edition: "a Web service is nothing but a traditional service (e.g., a naming service, a weather-reporting service, an electronic supplier, etc.) that is made available over the Internet". The main idea is that you have a client application that can use services provided (published) by a server application.
There are a couple of important things you should look into: one is the directory service which stores service descriptions, which should adhere to the UDDI standard. Another thing is that web services are described by the means of formal language (WSDL). And last, but not least, you need to specify how communication takes place: SOAP is a widely (probably most well-known) protocol in this sense.
Also, as can be noticed, be really careful about the standards (protocols, formal description language etc.), when implementing web services.
The ideas above have been taken from the aforementioned book (Distributed Systems - Principles and Paradigms, 2nd Edition, Andrew S. Tanenbaum, Maarten van Steen, 2007). For more programming language oriented books, you can check "Java Web Services: Up and Running" by Martin Kalin, O'Reilly, 2009 (did not read this but it is by a good publisher and it is new) and I am sure there are a lot of other good books out there.
Web services are just like a kind of framework, that you access over the Internet. That can be used for authentication, single sign-on, data access, etc. For instance, imagine a Twitter client. It can be a web application, a desktop application, or a mobile application. They all need to authentify a user, get the timeline, get the user tweets, and allow the user to post a new tweet. The aplication receives the data from the user, and transmit it to Twitter, by their web service. This is done by calling an URL on twitter.com with some parameters, depending on the web service format (soap, rest, etc). Then Twitter can process the action.
Web services allows applications to use, interact with, and communicate with other aplications. That way, you van have many apps, but only one data source.
Fahrenheit to Celsius - Simple Example Web Service (ASP.NET)
You can get started with Web Services # W3Schools.com.
Your first C# Web Service - Code Project
And most of your questions are answered in a 15seconds article.
in web application web-service used for transfer data using Ajax technologies without refreshing all page.
also i prefer to you this article with sample Create a JSON WebService in ASP.NET 2.0 with a jQuery Client link text wroted by Ajay Singh link text
If you are familiar with calling a subroutine (method/procedure/function/etc) with parameters and get a result back, then "web services" is one of many ways to call a subroutine located "elsewhere" and get a result back. "Elsewhere" is typically on another computer under the control of somebody else but you.
It has been tried several times before but I believe that Web Services have become so popular due to several reasons:
The communication can be done over http (like a browser). This means that a lot of infrastructure can be reused, and as http is simple, that infrastructure can be simple. This includes proxies, firewalls, debug tools etc.
Web Services include a "contract" - WSDL - saying exactly which things are provided, where they are, and what arguments they take, and what is returned. That contract allows building helping tools, proxies, creating a tool that simulates the other end, and much more.
Microsoft likes it. This results in good support on Windows, which gives many programmers an easy way in.
But, the answer to your question is "web services are subroutines located on other computers".
Web services are typically application programming interfaces (API) or web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services. isma