As part of an evaluation process for a commercial project I'm searching for any full fledged example of authentication/authorization using the websharper stack. I'd like to use OWIN, since it seems to be a well designed protocol, but I'm open to alternatives.
Some requirements:
use Mono
use the Suave server.
For now, we have been trying to adapt this tutorial for the websharper toolchain: https://www.codeproject.com/tips/849113/four-easy-steps-to-set-up-owin-for-form-authentica
This is what we currently have: https://github.com/Denommus/cookies-problem/blob/master/Main.fs
I would also like to mention that the default method ctx.UserSession.LoginUser has this issue: https://github.com/intellifactory/websharper/issues/647
But the cookies file is not being generated for some reason, probably because we're missing something obvious. Anyone able to help?
EDIT
I think I figured out the reason why the cookies file is not being generated: the Suave server doesn't actually run OwinStartup, so I need to figure out another way to configure the IAppBuilder of my application. But I still don't know how to do it, so if anyone can help I'll appreciate.
EDIT 2
I think I fixed the configuration of OWIN in my application, but I still don't have cookies being generated.
Related
In VS 2012, I am attempting to create an MVC 4 web application with jQuery calls to a Web API project. (Other devs will be consuming the API with our current, native app, and probably adding to the API in the future.) So I have one project that is the Web API, and another project that is the MVC 4 website. I can only set one of them to run, and they use localhost:xxxxx.
How do I debug changes to both? For example, let's say I add a new API path /api/customer/get and then a new jQuery ajax call to that path and do something with the resulting JSON. I've changed code in both projects and want to follow it end-to-end; how do I launch both? How do I debug both?
Just to be clear, the MVC app isn't making server-side calls to the API, I'm using MVC mostly to be able to easily use bundling, minification, and (hopefully) pre-compiled Handlebars templates in .NET; the API calls are coming from jQuery. As I am still relatively new to these technologies, alternate suggestions are welcome.
Thank you in advance.
I had the same problem and have found a solution from here:
forums.asp.net
The fix is to do the following:
In your solution file, click properties go to the Startup project node (if it is not already selected)
Next select Multiple startup projects. Select your website and your webservice and in the Action column make sure both of them have "Start" selected.
Now when you debug your website and put a break point in your webservice, it should hit the break point.
Coming late to the party but in case anyone else is looking for a solution, this is what was best for me: Set the Api project up to be the starting project (I needed to limit to one startup so that I could flip between browsers more easily). After firing up the service project, right click on the web/ui project and select debug, start new instance. You'll have both running and you'll seamlessly step from web to api.
I had a similar problem with my web api project. My solution consisted of an angular front end with 2 web api projects on the backend. One web api project handled "authorization" and the other handled "resources". I used the following tutorial by Taiseer Joudeh as a starting point:
http://bitoftech.net/2014/09/24/decouple-owin-authorization-server-resource-server-oauth-2-0-web-api/
Breakpoints worked on the "authorization server"... but not on the "resource server". I compared the packages from the two projects to see what was different. Once I added "Microsoft.AspNet.WebApi.Cors" to the "resource server" project, the breakpoints starting working.
I'm new at neo4j and I want to use neo4j.Asp.Net.Identity for authentication and authorization but I can't find any sample that implements that.Anybody knows how can I find a sample for that?
I'm also want to use Token-Base authentication for authentication and authorization.
The project is here: https://github.com/assimoes/Neo4j.AspNet.Identity the problem you'll have is that it doesn't implement the third-party authentication - i.e. you can't just drop it in and it'll work with something like MVC's Facebook/Twitter stuff.
Your best bet is to get the code from GitHub and reference the project directly as you're going to have to implement some new interfaces, and personally - I would change the implementation of the data structure - roles, authentication tokens don't work (if I remember correctly) - so you'd probably need to fix them.
You might actually be better off using my fork: https://github.com/cskardon/Neo4j.AspNet.Identity which I've been playing around with for a while in an MVC5 project and it's working so far (I'll create a demo version of the MVC5 soonish).
There is now a NuGet package for it. Click on the link in the Nuget documentation, and it should take you to the appropriate web-site.
I am using OpenCover to cover a very simple ASP.NET MVC application. It's basically just a shell application: a handful of controller methods and not much else.
I am attempting to user OpenCover to launch an instance of IIS 8.0 Express, through which I will run the MVC application. However, when I try to browse to the site, I get an "Access is denied" 401.2 error. I have tried numerous things to solve this, mostly revolving around different ways to enable Windows Authentication. Most of my attempts have been based on advice from questions like this. Despite my efforts, I'm still getting this 401.2 error. Also, I should point out that when running this application through VS2013, I can access the site just fine.
One final detail is that in order to use OpenCover, I cannot use the full version of IIS because OpenCover and IIS don't work well together, so IIS Express is a must. If there is any sort of configuration details I can provide you with in order for you to better help me, please let me know. Thank you!
I have an existing, eclipse based web servlet application that authenticates using http basic authentication. I am looking to convert this to Spring based security. I understand what has to be done programatically, but am having problems with the details of configuring the project itself in eclipse. I am using the Spring STS toolkit, and I am able to successfully import one of the Spring Security sample apps (openid-xml) and it works fine.
My existing application also works properly when run under STS, but without Spring support
I would like a recommendation for either a tutorial on making this conversion, or some useful advice. For example, is it easier to
a) create a new Spring application and try to migrate my existing code into it, or b) try to convert my code by importing the various spring libraries, etc? c) convert my existing app to use maven instead of eclipse (Spring just doesn't seem to want to work without maven, and i am at a loss here) - naturally, I have no idea how to do this.
Any advice will be most gratefully received, after a day of hit and miss frustration.
I have answered my own question, and will try to provide some details for those who may be having the same problem.
First, there is some relatively useless info available on stackoverflow, but some good stuff as well.
This (https://stackoverflow.com/a/14867188/1374167) is completely wrong. It is certainly possible to secure a servlet with Spring Security. The trick is to realize that you are going to have to use Maven and Gradle to build the libraries for Spring and Spring Security.
Once you have built these jar files, you simply import them into Eclipse (it doesn't really seem to matter which version) and set up your web.xml and security contraints.
I used this project as a starting point. It's not perfect, but it got me on the right track, after I updated the spring and spring security jar files. The full blog post is here
I had a frustrating experience getting to this point but I hope this information will help others. It's quite simple once you understand what to do.
I'm building a CDN, and looking for a ways to utilize .NET minification/bundling mechanism (System.Web.Optimization) there.
The question is how can I return minified bundle from MVC controller.
Note: I'm looking to use native .NET 4.5 capabilities, I do not want 3rd party solutions.
I'm only looking for ways to utilize this on CDN side. Not on client application side.
Additional question: If the above is possible at all, please explain how can I take advantage of caching, which is normally achieved through adding unique query string parameter to request.
The asp.net bundling and minification uses WebGrease internally.
Grab it off nuget and add just start using it. It looks like the codeplex site doesnt have any examples on there so you will need to look at the source code or download/decompile the asp.net source code to see how they use it.
For the query string parameter I believe that is mainly to prevent/aid client side caching it doesnt neccessarily have anything to do with your server side.
You haven't said how you plant to serve up the JS files from your custom CDN so I can't help much with the caching, I would highly suggest not serving them through mvc though, there will be a lot of extra things happening in the pipeline that you dont really need if all you're doing is serving static files.
Perhaps look at having some process that parses the files and sticks them in a certain directory that IIS can serve directly without delegating to asp.net