Hi,
My application is in Asp.Net MVC3 coded in C#.Net. I have published my solution and deployed it on IIS on the client machine. For this particular client we are not using any online server, we have published on client's local machine on IIS and from that machine only they will use it. The only problem we are having is regarding the security of the application as our client is accessible to the database as well as the application.
So under this scenario any technically aware person can take the published copy of the application and publish it again on their machine.
My query
How can i prevent the user from redeploying it on any other machine. Something like we have in the desktop application where the IP of the machine is taken and that particular application can run only on that machine.
I want my published content to be used only on the machine im have published and if the user wishes to copy the published content and deploy on other machine then it should not happen.
I have googled a lot regarding this but no result is returned in this regard.
Suggest how can i achieve the same.
Yes you can secure your ASP.NET MVC application to run on only 1 computer. Here are some companies that offer copy protection:
DeployLX by Xheo (http://xheo.com/)
Cryptolicensing by LogicNP Software (http://www.ssware.com/cryptolicensing/cryptolicensing_net.htm)
IntelliLock by Eziriz (http://www.eziriz.com/intellilock.htm)
ElecKey 2.0 R8 by Sciensoft (http://www.sciensoft.com/products/eleckey)
Related
I have a WebApi project that wraps the Dynamics CRM Online web service and provides a REST api. I have a simple controller that gets some contacts from CRM and returns them to the caller.
Everything works fine when I run it in the local emulator. However, when I deploy the project to Azure, I can reach the home page, but the controllers all return http 500 errors. Why would this happen? And how can I troubleshoot to get more details?
UPDATE
The issue is with the absence of Microsoft.IdentityModel.dll on the Server 2012 instance running the web role in Azure. I found this by opening web role instance in RDP, installing Fiddler, and making the request from Fiddler to the local IIS server. It responded with the detailed error.
Now my issue is figuring out how to enable IdentityModel on a Windows Azure Web Role. You're supposed to be able to add it via the Server 2012 Add Roles and Features wizard, but it's totally locked down on the Web Role. You can't check any boxes that aren't already checked. Is this even possible?
The issue is giving the Web Role access to Windows Identity Foundation when it's inherently not there. Marc Schweigert provides clear steps to do this here:
http://blogs.msdn.com/b/devkeydet/archive/2013/01/27/crm-online-amp-windows-azure-configuring-single-sign-on-sso.aspx
Go to the 23:00 mark of the video and you'll see the 4 necessary steps:
Reference Microsoft.IdentityModel.dll (need WIF SDK installed)
a. Set copy local = true
Create RegisterWIFGAC.cmd in your web role project
Create Startup Task in ServiceDefinition.csdef that invokes RegisterWIFGAC.cmd
Add GacUtil to the project (used in the startup task) to put Microsoft.IdentityModel.dll in the GAC every time the web role starts).
I am kind of new to system architecture. That is, all of my web apps have been relatively flat...two machines at the most running web client and database.
I have been handed the following architecture:
1 VMware machine will run the web application, an MVC 3 app.
1 VMWare machine will host the SQL Server database
1 VMWare machine will host the services.
The machine I'm confused about is the last one. From what I understand, the services project contains references to three other projects: the model, where the entity framework edmx resides, the entities project, which contains T4 templates that use the entity edmx file as input, and the business project which is where the actual business rules are implemented and the meat of the CRUD actions take place.
From what I understand, the intent is to not run an IIS WCF web services interface, but to make calls to WCF services (like those hosted in the MMC services snap in) on the machine over the internet. There is a deployment project in the solution for the services project but I don't know if it's configured properly. I think the idea is to just run the installer on the services machine and it will work.
My specific question is if there are any important things that I need to keep in mind when implementing, configuring, and deploying these services?
I'm kind of new to all of this. I was under the impression that you had to make calls to WCF services via IIS hosted endpoints and that you couldn't (or it at least was inadvisable) to make what amounts to RPC-like calls to machines over the internet.
Since you are new to WCF services, I suggest reading this MSDN article on Hosting and Consuming WCF services.
From what you describe, it looks like you are using Windows Service as a host for your WCF service.
The most common choice for a host is IIS because of its extensive features including self-starting services, ease of deployment, load balancing and so on.
Windows Service is a valid host, provided you can justify the question 'Why not IIS?'. Maybe, you need full control over the activation and lifetime of your WCF service. Not sure.
p.s. Ensure the account that your Windows Service runs under, has the minimum privileges.
This question has probably less to do with actual programming and more to do with environment setup.
I'm developing an application for a Windows CE device, which will use a service hosted in Microsoft Azure. Obviously, this is all under development, and the service itself has not yet been uploaded to Azure. So I'm using the emulators provided by MS to deploy the service locally. Also, I don't think uploading the service to Azure just to debug it is a good idea, as that could net us a bill for Azure we don't yet want to pay.
Also, please note, I'm using VS2008 for the Windows CE project and VS2010 for the Azure project (thank you MS for dropping support for mobile devices -_-).
The problem is, the service seems to be accessible only via 127.0.0.1 or localhost, and if I physically connect a Windows CE device or use an emulated one, it becomes a new entity on the network, and cannot access that service any more.
How can I debug my Window CE application and have it see the service, whilst still being able to debug the service itself?
You are correct, the development fabric (the compute emulator that allows you to build an azure application and debug it locally) is only meant for local development. There are some hacks that allow you to get around that, but I wouldn't recommend it.
My recommendation would be to spin up the service in a more traditional hosting environment, at least in these early stages. You can define it as a web app just as you always would have, and get it functioning. Then, when you know its mostly complete, create a cloud service project and do an add existing to bring your web app into the cloud service solution. Once in, its a simple matter to add the web app as a web role.
From there, you can complete testing of the service in both the local and hosted azure environments as needed. This allows you to minimize your development costs while still leveraging the power of the cloud. As an upside, you also have done most of the basic work to ensure your service is compatible with multiple deployment scenarios giving you a greater degree of choice for its final production state.
OK, I don't know if this was intentional, or if I found one of the mentioned hacks, but I saw that IIS hosts the Azure site I created on port 5100, and the binding for this site is *, so it accepts all connections.
Using this I could access the service from my emulator, and I could still debug all Azure related stuff.
I am working with a team of 5 developers at a small company. There are 3 who work here and 2 work remotely. Currently, we are using Assembla with Trac for source control. We are working on a ASP.NET MVC web site. We are not hosting our production environment right now. I am setting up a BuildServer with Teamcity!! I have it working right now on my locally on my laptop. Should we host our own buildserver or pay some else?
TeamCity is pretty good for small shops such as yours. Hosting your own really shouldn't be bad in terms of setup and cost. As long as your remote colleagues can access it without issue and it fulfills your requirements, go for it.
I'd recommend hosting it closer to your version control server so that it can obtain the sources and perform builds faster. If you host your own version control server, either install TeamCity on the same machine (if the hardware allows it) or put it in the same network. You will also need to install build agent(s) somewhere and a database server (as the internal database may lack the performance and reliability). In a small shop a standalone server would handle all of it (TeamCity Server + Build Agent + MySQL database). In a long term buying a server and hosting it by yourself would be much cheaper than paying some hosting provider each month for a virtual or dedicated server with limited resources. It would also simplify upgrading if it becomes necessary.
TeamCity server by itself is a web application hosted on the Tomcat server. It's accessed via the web interface from the browser. If you have an external IP address on the server, just configure the Tomcat to listen on that address and TeamCity will become accessible from all over the world (don't forget to configure the security).
We're developing an application that is sensitive to the domain name of the request. The problem we're running into is that we have to use IIS in order to test the application because Cassini will only send "localhost" as the requested domain despite using a different domain in the address bar. While IIS does give us better performance than Cassini, we would still like to be able to hit F5 to run our application from within Visual Studio.
Is there any configuration that can be done to specify the domain name to use in Cassini?
I just released the CassiniDev 3.5.1/4.0.1 beta with a simple test fixture example if you are interested.
It supports arbitrary IP addresses and host names. Should fit your needs quite nicely.
http://cassinidev.codeplex.com