Dynamic URL service call in WP8 project - webservice-client

I have a problem with web server call in WP8 project. In my project in VS I added ServiceReferense (a web server gives me WSDL), VS created all classes and linked web calls to them, it has also stores login ans password for access. There is another web server, with same services and calls, set up on another URL. Sometimes I'll need to switch the web server i’m working with, but this requires to change login and password, now when I try to call the second one, I get error 401 (unautorized). How can I change login and password in automatically created ServiceRefferences?
I use VS 2013 and WP8.1 SDK. Project based on silverlight.

Related

.Net 6: WindowsIdentity.RunImpersonated failing with DirectoryNotFound error

I am facing a problem when using WindowsIdentity.RunImpersonated.
I am running an ASP.NET Core 6 Web API as self-hosted (.exe) and using HTTP.Sys as host (instead of Kestrel). I am impersonating a user before making a HTTP call to another Web API from within this Web API.
Currently logged on user in this Windows 10 box is a domain user who is part of local admin group. The user I am impersonating is the same (currently logged on user).
When running the Web API by double clicking on it
Inside this impersonation, while calling HostBuilder.Build(), the call is failing with an error
System.IO.DirectoryNotFoundException
The path in the exception is of the folder from where this Web API process is running. I checked in the .NET Core code and it is failing in
new PhysicalFileProvider(_hostingEnvironment.ContentRootPath);
When running web API by right click on exe and "Run as admin"
No issues, HTTP call goes to other Web API and proper response is returned.
Even though I am logged on in this Windows machine with Admin privileges, still I have to run the Web API process explicitly as "Run as Admin" to make things work. This is what I am not getting.
Could someone please help here?

ASP.NET Core - Application not connecting to database after publishing

I created a simple ASP.Net Core application with user authentication (so all the Entity Framework has been preloaded into the web app template). It is connecting to my database with the connectionString that is located in my appsettings.json file, with "data source = {computerName}\\{serverName}" setup.
The database instance and Visual Studio are located on the same machine. This works fine in returning data to the web api while within development and debugging mode. When I publish it and try to go to the site from a domain name it does allow me to view the webpages that are not needing database connection but the rest that need data from the database returns pages like this:
Error.
An error occurred while processing your request.
Development Mode
Swapping to Development environment will display more detailed information about the error that occurred.
Development environment should not be enabled in deployed
applications, as it can result in sensitive information from
exceptions being displayed to end users. For local debugging,
development environment can be enabled by setting the
ASPNETCORE_ENVIRONMENT environment variable to Development, and
restarting the application.
I have tried to change the Environment Variables for ASPNETCORE_ENVIRONMENT from Development to Production to no success.
I have tried adding appsettings.Production.json to publishOptions in my project.json file, even though there is no file appsettings.Production.json, and this did not help. dotnet publish
Adding the evironment variable in the web.config file did not work Deployment
I need help getting the published web api to connect to my SQL Server database from outside the development Visual Studio setup.
The last thing I can think of is that maybe I am incorrect in how I understand the connection string. If the web api uses the connection string to connect to the database from the server-side then it should work just fine like it does when in development calling to http://localhost:port# since it's all on the same machine. But, if the database string needs to be based on a client-side call then it would have to be with domain names and IP addresses.
Can someone tell me which one it is?
The only thing else that comes to mind is that there is something I am not doing, and need to do, inside of IIS Manager. I see connect string there as well but unsure what that is for our does since the connection string is inside the application. Also maybe I am suppose to give the app some kind of authorization to communicate with the database server even though they are on the same machine???
After much research, finally googling "how to deploy a web api in iis" I was able to learn from Host ASP.NET Web API in IIS using Visual Studio Publish that I needed to add the security entity BUILTIN\IIS_IUSRS. Then placing a mapping to my database tables and giving db_datareader (and possibly db_datawriter) for the database to the IUSER to allow access from my self hosted IIS web api. This from the above mentioned link with the part stating
Accessing Database under IIS APPPOOL\ASP.NET v4.0
As we are using ASP.NET v4.0 App Pool make sure IIS APPPOOL\ASP.NET v4.0 is added to your Database Server -> Security -> Logins.

External authorization works on Azure - how to replicate on localhost

I have an Azure website (built using VS2015 Community) which uses "social" login for authentication.
I have successfully deployed a working PoC to azure which happily authenticates the user using the Google+ or Microsoft Account authentication services - i.e. the Azure app service is configured correctly to support social login from these two providers.
The problem is that I don't know how to replicate this for development on localhost; when clicking on one of these links (e.g. the MS one) the browser navigates to http://localhost:60380/.auth/login/microsoftaccount and I unsurprisingly get HTTP Error 404.0 - Not Found.
Question: is there a way I can configure my solution/local environment to authenticate using social authentication whilst running on localhost? Service providers such as Google seem to have no issue letting you specify localhost addresses.
My website has some very basic authorization checks that I want to perform, and I obviously want to do this on my dev environment first.
For your reference - HTML / Login links:
Microsoft Account
Google Account
Google API Manager Config - Authorized JavaScript origins
https://[my site].azurewebsites.net
http://localhost:60380
According to your description, I assumed that you are using Authentication/ Authorization of Azure App Service which provides you with an easy way to protect your application without changing any code on your app back-end.
As I known, when your app hosting on Azure then you could take advantage of the "Easy Auth" feature. But while developing locally, I assumed that you need to write your code to support "social" login for authentication. For more details, you could follow this tutorial.
Additionally, you could follow this Architecture of Azure App Service Authentication / Authorization and this tutorial for a better understanding of Easy Auth.
The integrated identity support is a feature of App Service that cannot easily be moved to localhost development. If you need to test locally on your dev machine, you'll need to simulate the identity component yourself.
If you are building a mobile app, there is some support for local debugging which might be helpful: https://github.com/Azure/azure-mobile-apps-net-server/wiki/Local-development-and-debugging-the-Mobile-App-.NET-server-backend
Otherwise, I suggest you create a second web app to use for integrated development/testing. It's not as convenient, but Azure App Service does support remote debugging, etc, through Visual Studio.
I've been battling through the same process. Feels to me like this is a gap - I'd love to see the .auth pipeline included as part of the dev environment.
Currently, I use this the method defined here - https://weblogs.asp.net/pglavich/easy-auth-app-service-authentication-using-multiple-providers, and whilst clumsy, it works for me.

In ASP.NET, under which credentials does the code run?

1) I want to know suppose we are using an ASP.NET web application in debug mode in VS, then, the code runs under which user account?
2) I also want to know, suppose we publish this to the IIS and then, set it up to use WBA/FBA, then, the username/password of logged in user is used to authenticate user to the ASP.NET site, however, the code (SQL query, etc) runs under credentials of apppool account. Further, which credential is used to access resources on server like files? What is your view on this point?
1) I want to know suppose we are using an ASP.NET web application in
debug mode in VS, then, the code runs under which user account?
This is depending on the hosting. VS provides 4 ways to host & debug a web application : VS Dev Server (VS 2012), IIS Express, Local IIS and Custom Host (VS 2013). Devs servers generally runs under your -Administrator- account, and may not be suitable to test security. Working directly with IIS as your development web server lets you work in an environment closer to that of an IIS production web server.
This is configured in the Web Tab in your web project properties.
2) I also want to know, suppose we publish this to the IIS and then,
set it up to use WBA/FBA, then, the username/password of logged in
user is used to authenticate user to the ASP.NET site, however, the
code runs under credentials of apppool account. What is your view on
this point?
Not very clear, but I think your undestanding of IIS security may not be correct. There is only one application pool per web site which runs under a specific account (by default apppool account, but it could be Network Service or Local System). When a user logs in, absolutely nothing is changed in this process. The user is just connected using an authentication provider : Windows Authentatication or Forms Authentication are 2 common providers. User identity is kept in http context, which allow you to use authorization rules later. So every code block always run under the same account (unless you enable delegation but that's another story).
I higly suggest you to read this complete introduction on asp.net security.

Upgraded app to MVC 4, AUTH_USER is blank

I have a hybrid classic ASP + ASP.NET MVC 4 application running under Win Server 2k3 (IIS6) which we have upgraded to use MVC 4.
The ASP app is attached to the .NET application via a virtual directory. They run in the same application pool (if that matters). This particular app is an admin control panel, and uses basic authentication:
Before upgrading the project, when access the url for the virtual folder, the browser would display a login prompt, where I enter my domain-qualified username and password. The ASP code then retrieves the user name via Request.ServerVariables("AUTH_HEADER"), compares that against an application-level permissions list stored in the database, and enables or disables features in the admin site based on that.
After upgrading the project, I still get the login prompt, but Request.ServerVariables("AUTH_USER") returns an empty string.
I've added the old project into a new website so I can run them in parallel on the same server. The old code continues to work. The new code refuses to. The admin virtual directory in each version of the .NET application points to the same physical location on disk, and the authentication configuration for the folder in both .NET apps is identical.
Suggestions? Note that the MVC 4 app is using the .NET 4 framework, not .NET 4.5, which is not installed on the server.
Note that, although the default domain field in the screenshot is blank, it is properly configured. I've removed it from the image for obvious reasons.
Request.ServerVariables("AUTH_USER") can be obtained when you configured your application to use Forms authentication not Windows Authentication. If it is Windows Authentication you should use Request.ServerVariables("LOGON_USER")

Resources