I have a scenario where I have a web site that will be used by multiple customers.
But I do not want to publish the web site to each customer domain's. Instead I will publish the web site to an azure web site for example mywebsite.azurewebsites.net and I want all the customers domains to redirect to this mywebsite.azurewebsites.net but I need to know which customer is this so I can display the correct content. for example I am thinking about appending or sending a hidden custom parameter in the query string or such.
What I need to know is
How can I redirect all the domains to mywebsite.azurewebsites.net
How can I pass a hidden parameters in the redirect for example any request from the customer domain e.g "www.cust1.com/Home/Index" will be redirected to "mywebsite.azurewebsites.net/Home/Index?username=testuser" and "www.cust1.com/Home/Index?querystring=ffff" to "mywebsite.azurewebsites.net?querystring=ffff&username=testuser"
I do not want to publish any web site content on the customer web site that means the customer domain root directory will be empty.
There are quite a few different ways you can do this.
The first thing you need to determine is: How are you going to handle the redirection to mywebsite.azurewebsites.net?
Are you going to place code directly on the customers website to
redirect?
Do you have the access to the customers DNS's allowing you to forward their site to mywebsite.azurewebsites.net?
Do you want to create a CNAME record and point it to your Azure Website?
Method #1
If you have access to the customers website then this becomes the easiest method.
As you described above, I would simply redirect the user back to your site with some type of custom url i.e mywebsite.azurewebsites.net/customer1 .
When the user hits this page you could then set a cookie in their browser so that you know where they came from and then redirect them to the home page at mywebsite.azurewebsites.net. This would happen almost instantly and the customer would never notice.
Method #2
If you are able to forward the domain or they can only redirect the user to the main website at mywebsite.azurewebsites.net, you can simple look for the referring url when the request comes in. Then as you do above, based on the referring URL you can then set your cookie and show the proper content.
Method #3
This is assuming you have access to the customers DNS records and are able to create a CNAME record for www.customerwebsite.com -> mywebsite.azurewesbites.net
In that case, when the user visits the site you would just pull down the HOST and then set your content based on that.
The specific code is here:
string url = HttpContext.Current.Request.Url.AbsoluteUri;
// http://localhost:1302/TESTERS/Default6.aspx
string path = HttpContext.Current.Request.Url.AbsolutePath;
// /TESTERS/Default6.aspx
string host = HttpContext.Current.Request.Url.Host;
// localhost
You can find more information here: How to get the URL of the current page in C#
Let me know if you have any questions or end up implementing any of these solutions.
Related
Our production application is configured with F5.
If request comes from mobile to http://xxx.abc.com/show.aspx?show=homePage
I want to create rule is F5 to redirect to a different domain like
http://xxx.xyz.com/show.aspx?show=homePage
My doubt here is if the initial URL contains User Agent since users are browsing from mobile, after the rule is created is by default the User Agent is also passed along.
The URL that we are trying to redirect to should also contain User Agent since my application renders mobile pages based on useragent.
Thanks
The answer for your question is on Devcentral.f5.com:
https://devcentral.f5.com/questions/simple-url-redirect-irule
There are several ways to achieve what you're looking for and also include or exclude user agent data. It will depend on exactly what the redirected server needs. Just search on DevCentral for URL Redirect and you'll get more answers than you'll need. Here's an overview of URL redirections:
https://devcentral.f5.com/articles/2-minute-tech-tip-url-redirects
I am trying to configure a LinkedIn application for a multi tenant site. I will have 20+ tenants using the same application and the number is going to increase every time.
As per Linkedin API documentation (https://developer.linkedin.com/docs/oauth2) we need to ensure following points
We strongly recommend using HTTPS whenever possible
URLs must be
absolute (e.g. "https://example.com/auth/callback", not
"/auth/callback")
URL arguments are ignored (i.e.
https://example.com/?id=1 is the same as https://example.com/)
URLs
cannot include #'s (i.e.
"https://example.com/auth/callback#linkedin" is invalid)
Can i configure redirect url as https://*.mysite.com/auth/linkedin/callback instead of specifying url of each tenant separately.
You cannot do a subdomain based wild card mapping as the IP should know the RP.
You can change the logic after you get the authorization callback, so you set the cookie and then you will have to redirect the user back to the tenant URL instead of the base URL.
Anyway, after successful authorization, you will be redirecting the user to an action, just figure out the subdomaina and the construct the URL and do the redirection
HTH
EDIT
Since the use of the URL or other approaches seem to be a hack, can you please try to have a facade like application (or Gateway like one) that has a URL that is registered in linkedin and then on receiving the response, it can use a state or other factor to redirect to the tenant URL. This can use a 302 and it will be invisible unless the user is on a very slow network. This approach does not require any hack like approach.
Here state can be a function that takes a tenant info and generates a dynamic hash that is stored for tracking and redirection.
We need to post from data to a partner who is providing a service to us. We want to do this via a form post to keep things simple.
We will post form data (an id) to a form on the service providers website using JavaScript etc.The service needs to take this id and show some associated data to the user. We pictured this posting to a form on their server and then displaying the result in a popup. If the user is happy with the associated data they will hit submit on the form in the popup (which is on the service providers server) and the service provider will post to a controller on our server.
User clicks link on our website
This posts data to the service providers site and displays content from service providers site in a popup/iframe
User checks the data displayed in popup and sees they are happy with it
The user hits submit in the popup (service provider updates something on their site)
Service provider submits form data to our controller (we update something on our site)
We need to make sure that only our server can post to their page and only they can post to our page.
We are using MVC3. They are using a web technology of their choice.
Any advice on the simplest quickest, and secure way of doing this. Obviously need to prevent replay attacks and be sure that they are the only ones that can post to us.
We want to do this via a form post to keep things simple. We will post
to a web page on their server, they will do some processing and post
the data back to a controller action on our server.
Ah no, that's impossible. If you have an HTML <form> whose action is pointing to some url (no matter if this url is located on your server or on a third-party server), when this form is submitted the browser will POST to this url and redirect to it. This means that while you will be able to send the request to the remote source and it might then query some controller action on your domain you will not be able to show the results of the execution of this controller action in the browser, because the browser will show the result of the execution of this remote url.
So one technique would be to have the HTML <form> POST to a controller action of yours which itself will delegate the request to the remote service (using a WebClient) and then return some view to the user.
Now all that's left is to ask the network administrator of the remote server to allow HTTP requests only from the IP address of your web server.
Of course this is leaving the possibility for the user to craft an HTTP request to the controller action of yours and thus indirectly hit the remote service. The only possible way to prevent this from happening is to use authentication and deny public access to anyone to this controller action.
I currently have an intranet site that is accessed by external customers. I therefore set this up using Forms Authentication. However the powers that be (my bosses) want all our domain users to not have to enter their username and password to access the site.
I've done a bit or reading and everything seems to point to setting up a WinLogin.aspx page that you alter to use WindowAuthenthication and then redirect from there.
I have a problem with this as I don't like the idea of putting an aspx form in my mvc application.
Can anyone tell me how to achieve mixed authentication using a strictly MVC Controller/Action setup without a second application?
NOTES: running MVC 3 on an IIS 7 box.
Forms Authentication is not related to the URL or physical structure of your files. What matters is that a URL should ultimately map to a physical (or virtual) resource on the server, and be processed, and be returned back to the user.
Thus, somewhere in between for each incoming call (each HTTP request, even those for CSS and JavaScript files), you have to see if the current user has enough permission to access it or not. If no, then you might redirect him to the login page.
If you want, you can have a URL like /user/windowslogin where user is the name of the controller, and windowslogin is the name of your action method. Then you can create a custom authentication attribute (something like [WindowsAuthentication]) on your windowslogin action, and in that attribute (which is an MVC filter in essence), you can see if the current request comes from within your domain, and if so, talk to Active Directory for authentication or stuff like that, and on case of successful authentication, create an authentication cookie using FormsAuthentication class, and the rest of the story.
However, I don't think this would be an easy task. Others might introduce better solutions.
I got problem trying to set the URL of my site. The project is based on mvc azure.
Usually azure has URL like: xyz.cloudapp.net So when i set my site live i added a domain that points to the azure project. www.xyz.com.
The issue is that if i try to click on 'Contact' or 'About' buttons i want the URL on the browser to show up as www.xyz.com/about and www.xyz.com/Contact. But whenever i click on the about or contact button, the browser URL still shows as www.xyz.com.
I have over 50 pages in my site however, Google is only indexing it as one. Can some one please tell me how can i get this URL showing the pages i am routing too.
Use domain control panel, can routing with cname or A record. Use Url routing "/Contact" make sure "/"
For A record, use Azure Production VIP and enter the two recording. one hostname null(xyz.com), two hostname www(www.xyz.com). May also be a name you want to(my.xyz.com).
For cname, The only difference, dont use VIP. Instead use xyz.cloudapp.net
Use domain control panel for all these processes.
Sample Azure Url
Sample Cname Url
DNS Check see end of document WWW A Record