I am new to windows azure plateform i want to ask a very basic question. I am doing a project on windows azure and due to some concurrency problems i want also my Browser GUI to be in the cloud which will call the web services which are also deployed in the cloud.
Just need to ask that is it possible that i will also put my GUI in the cloud and i have some URL which i will hit so that my GUI will appear in the users browser...
I want my architecture some what like that
Sorry for the drawing but i am in very hurry
Your web browser would be on the user's desktop, and make a HTTP request to a web application/site that is hosted in Windows Azure. For instance, an ASP.NET MVC web site that makes a service call to a WCF service, that then retrieves data from a SQL Azure database. One way to do this would be to create a single hosted service that contains:
Web Role (to host your ASP.NET site)
WCF Web Role (to host your WCF service)
SQL Azure (for your database)
I think the web GUI you mentioned would be like an agent, it will connect to the real websit and render the content for you. If this is true I would like to say in theroy it's possible, but in practice it will be very difficult, since what you want to do is a web based web browser. You might need to handle HTML, CSS and JS, etc.. But if it's just a web ui that render your data from your service that is fine. So back to your question, when you said the "browser gui", if it's a desktop application, you cannot run it on the cloud; if it's a website then yes you can and your proposal looks fine.
Hope my feedback helps.
Related
I'm trying to create a simple Xamarin application that would need to use a local ADFS to identity the user. Indeed, I wrote an internal web application in ASP.NET Core but the client would like to have a light version as a mobile app, therefore, I need to authenticate the user the same way I do it for the web application: using ADFS 2019 + OAuth/OpenIdConnect.
However, I did some researches on Google and I find nothing talking about that specific case. Most articles concern Azure but I don't want to use Azure, I want to use a local ADFS.
Can anyone provide me with a link or some idea about the way to achieve this?
There's a set of good articles here that cover ADFS and OIDC.
The libraries are the same as the Azure ones - just the parameters are different.
I am looking at developing a web api for my business rules/database access.
I can use Postman to test the api locally but I also need to develop the client web site.
Is it just a case of running the web api locally and then developing the client site to use the local web api urls?
e.g. http://localhost/api/getcustomer/1
Also when it eventually goes live what do I need to look into in order to secure it all?
Regards
We're getting ready to rewrite an old native windows mobile application that accesses data through a VPN. We'd like the new version (.NET Windows 10 mobile application) to access data through web services that are protected by Okta. What is the best way to do this?
Thanks!
The best way to do this depends on how the web services are protected.
The main thing to keep in mind is that you don't want to store any secrets on the mobile application.
In an ideal world, these web services would be secured with something like OpenID Connect (OIDC), allowing you to authenticate against Okta (the "IDP") to get access to the web services (the "Relying Parties").
However, the real world is messy, where some web services are protected via SAML, OIDC, OAuth, custom headers, etc.
Without knowing more about your setup, my recommendation would be to build against OIDC, using a proxy server (or "API Gateway") as needed to secure your web services using OIDC.
One of my co-workers at Okta has written a sample iOS application in Xamarin that implements OIDC, I suggest taking a look at the ViewController.cs file in that repository.
We have this architecture:
Web Server: Web Application is deployed (html, javascript, css)
Application Server: WebApi is deployed
Problem is , I cannot make ajax request to reach Application Server because its behind firewall.
The Web Application is supposed to be used publicly to the internet users.
What changes should we do to make it work?
Should we move our Web Application to Application Server? But how would this be accessible on internet.
Thanks in advance for suggestions/advice.
You're going to have to put an exception in the firewall for the address of your web server... that way your web server can access the API but nothing else can (well, not quite nothing else - other stuff on that web server can but that can easily be solved by having your web app hosted on it's own/dedicated web server).
If your Web Application makes direct calls to the Web API endpoint (e.g. is a single page application that use a client-side javascript framework like AngularJS and/or it uses AJAX calls to your application server address), there is no way for your clients to access your API if you do not allow public access to your application server.
That's because your client resides inside your users web browsers.
You have to allow incoming connections to your Application Server through internet in your firewall.
Well, it all depends on how you look at things and how distributed your application should be (criteria like load, security).
In general, Web API might be just one more client (from your applications server perspective).
On the other hand, in robust/distributed system, you would have Web API only as an endpoint (controllers, mappers and things like that) that your mobile/ajax clients send requests to and then Web API communicates to Application server (where your business logic is).
Having Web API communicate to DB directly is not a good idea because as you add clients to application server (mvc, web api, services, etc...) then you have as many db access points as you have clients. So, its a code maintenance problem plus a problem of your view tier being aware of DB.
Ideally, you need Application server as a tier where all your business logic is and its the one that all your clients target (mvc web app, web api, desktop, services, etc...) and that is the one that should communicate to your DAL. Also, then you can set firewall rules on your application server to allow incoming traffic from trusted sources (your other servers) instead from the whole internet (ajax).
Can I use Dreamweaver to build an HTML based site and then upload this site to the Azure platform via ftp, more specifically will Windows Azure recognise the default page for my website without explicitly having to reference it in the URL?
Azure PaaS (either Cloud Services or Web Sites), no.
Azure IaaS, yes... with a bunch of initial setup.
You could spin up an Azure VM and host a plain HTML web site from within IIS there. You would need to configure the IIS web site (e.g. start page) and set up the FTP server when you first provision the server.
My gut feeling is that Windows Azure is not a very economical hosting model for a project of this kind though.