I'm very new in Azure. I built an Azure WebApp which my vendors and customers log into. When users log in, they go to the SiteMap page. I want customers only see and access certain pages in the SiteMap and the vendors see and access some other pages. How can I do that in Azure?
Thanks so much!
Cheers,
Alan
Related
I am working on an asp.net mvc 5 project which is a sub domain based multi tenant saas application like t1.abc.com for tenant1 and t2.abc.com for tenant2.
I am trying to share the session across the sub domains for supper admins and I configured web config with root domain as
<httpCookies domain=".abc.com"/>
But it is not working, even after I login to abc.com when I go to t1.abc.com in the next tab still it prompts login page.
The session store is configured to point to the RedisSessionStateStore and the application is deployed in the azure cloud web apps.
Is there anything I am missing?
Finally I figured it out. I used owin middle ware so the solution is here in this link ASP.NET Identity Cookie across subdomains
Plan :
Many asp net 4.5 sites hosted on azure (will be mapped to different domains) -->
How to share login between the sites?
Option 1 :
Use 1 database for all sites - how each site login and which site is the "master site" which hold
the database?
Option 2 :
Use database for each site with extra 1 global database for users(+forums posts)
Option 3 : ( combine 1+2 ?! )
2 database , 1 for users users(+forums posts) + 1 for data
Either option , I don't know how to do it ...
I'm using CodeFirst Membership Provider
If I login to SiteA is like login for SiteB and etc ( you got the point )
Is it "same domain" if all sites sits on Azure?
You need to use Azure Access Control Service (ACS) which is a part of Windows Azure Active Directory.
Create one ACS namespace and add all your applications urls as relying parties in this namespace through the portal. After that you need to Add a STS Reference from Visual Studio (that comes up when you install Windows Identity Foundation) for each of your application by giving the url of your ACS service namespace.
You will have to add your custom Identity Provider against which you need to do authentication. For example, in your scenario you can have a single database and create a custom STS that authenticates using forms authentication, and you will have to use the url of this service as your Identity Provider in ACS namespace. You have option to Add default identity providers such as Windows Live, Google, Yahoo and Facebook as well in case you want.
For some detailed steps refer this link
There are few sample codes available at MSDN Code Gallery as well.
Use database for each site with extra 1 global database for users
This option sounds good for me.
You can use CAS (Central Authentication Service) and this way you'll have a central point to authenticate the users. CAS will be configured to authenticate in the Global Database.
**It's necessary to configure each ASP Application to authenticate using CAS.
The basic authenticate flow is:
User tries access a specific ASP site.
The ASP site identifies that the users isn't authenticated and redirect the user to CAS (that runs in other web site).
User types your login and password.
CAS checks in the Global Database if the login and password are correct.
If yes, CAS redirects the user to the specific ASP site (step 1).
You will need to install Java and Tomcat (or other java application server) to run CAS. Because of that, I don't know if CAS is a good option for you.
http://www.jasig.org/cas
I'm using CAS authenticating against an Active Directory instance.
Sorry my english.
I've got a simple MVC 4 application with a user and role defined in the ASP.NET Configuration. They work fine locally (Running with F5) but when published to Azure Web Site the users don't exist or at least, when trying to log in I can't. Could either be the user doesn't exist or that the passwords isn't matching.
e.g. I have a page for Admins only, I have one admin user. Locally I created the user and role in the ASP.NET Configuration page and I can log in as Admin and access the secured page. After publishing to Azure Web Site I can't log in as Admin.
Can anyone help? How do I publish my ASP.NET Configuration?
I'm using Visual Studio Express 2012 for Web
As #Sound pointed out, you are probably missing the users from the DB that is hosted on Azure. You can access Sql Azure using Sql Management Studio once you open up the firewall through the Azure portal. From there, you can run a script to insert the users, or do it manually through SSMS.
There are many options for migrating data, the above just being a few. You might also look into EF Data Migrations as that might be a good fit as well.
When you create a new MVC project in Visual Studio, you get an AccountController that supports user self-registration and self-help changing passwords. This is great as a basic first step for a public internet site. But for an intranet site where an admin is responsible for creating users and assign them roles, is there any equivalent pre-existing template to start from?
To clarify, I am looking for a template that continues to use basic auth and that continues to use the ASP.Net membership and role services, as does the internet template, but provides UIs for user and role management that are intended for use by an administrator. The site is going to be on the internet but is not going to be "public" per se. There will be one or more sys-admin accounts that will have the ability to provision other users. The site will hosted by a yet-to-be-selected hosting provider.
Yes, it's called the Intranet Application. I know, who would think an Intranet application was an Intranet application?
MVC3 has 3 templates, Empty, Internet Application and Intranet Application.
i have created web site with mvc. i have created security part of this web site. users can register on it. and information about user will stay on aspnet_users and aspnet_membership(roles in aspnet_roles). i looked at this tables and saw that all information are belong to a application(to my current web site). but i want to make so that when i will create a new web site all users which has registered on first site can logon without registration. how i can do it?
You could configure both sites to point to the same SQL database for authentication and authorization. For this you will need a separate instance of SQL server accessible from both sites.