My provider-hosted (MVC) app for SharePoint 2013 is deployed to Azure website. However once it calls SharePoint CSOM it fails with unexpected error.
Any idea why?
Thanks!
This occurs when you make a request directly to web site, using a url (e.g. "xxx.azurewebsites.net") because in your "Index" ActionMethod is marked with:
[SharePointContextFilter]
If you want access to your web site outside from Sharepoint, you can have in your Provider App, two controllers. One configured how ClientWebPart for access inside from Sharepoint and other for external access.
Related
These are Application Types and Scenarios that Azure AD supports:
Web Browser to Web Application
Native Application to Web API
Web Application to Web API
Daemon or Server Application to Web API
I have two questions:
I would like to understand where my scenario below fits.
I think I need to use JWT tokens and it seems that Native Application to Web API is the closest,
but I still need Asp.Net MVC application to deliver Client side Angular MVC resources (html templates, controllers and Rest services)
Which Azure Active Directory Code Samples are the closest to my scenario below:
I would like to create a multi-tenant Angularjs (delivered using Asp.Net MVC 5) and Rest Web API 2 secured with Azure AD. I would like to have tenants choose their domain names like firstTenant.com,
smt.firstTenant.com or to have subdomains like firstTenant.MySaaS.com, secondTenant.MySaaS.com
or MySaaS.com/firstTenant, MySaaS.com/secondTenant or similar domain naming scheme.
I would use some kind of IoC container to add customization to my SaaS application or similar to deliver specific functionality to each tenant (GUI and business logic and DB).
I would use and Asp.Net MVC application that will custom tailor SPA resources (html templates, .js controllers, .js services, .css, images etc) to each tenant and use some partitioning techniquest to retrieve tenant and user specific content from DB called from Rest API controllers.
Thanks,
Rad
I am also facing the same 'i dont know' issue :)
But far as i have researched the authorization flow from SPA aplication to the web api.
You still need webserver(mvc) project that will privide redirecting to the Identity provider (azure AD) login page and on the IP callback you will need to inject baerer token to Angular auth service that will send token to the api or deal with the refresh token.
So for me I think that, Web Application to Web API, is the right direction programming.
pls comment if i'm wrong
Currently i'm investigating link
http://code.msdn.microsoft.com/windowsazure/MyCompany-demo-applications-eedab900
update 2:
http://www.cloudidentity.com/blog/2014/04/22/AUTHENTICATION-PROTOCOLS-WEB-UX-AND-WEB-API/
Maybe it will be helpful to us.
When creating a Sharepoint 2013 App project in Visual Studio you get a project that can be deployed and debugged against a Sharepoint Server.
In that application you have access to a lot of Sharepoint Specific REST API functions that work with the Sharepoint Specific Data (User information, documents, lists, etc.). But what if I now want to add domain specific functionality that is backed by a specific Database that only contains those domain specific structure and data?
Do I have to set up the asp.net MVC application on an IIS myself and authenticate the calls to the API myself or is there a way to let the API reside in the Sharepoint Web App Domain and be deployed side by side with the Sharepoint App itself?
Or is it even possible to extend the Javascript- and REST API of that specific Sharpoint Installation?
I haven't found a way to add an asp.net MVC web api project to the SharePoint IIS site. I think you need access to the application_start event to set up route rules so that makes it difficult. You can deploy your own wcf or asmx services to the layouts directory. Or you can cheat and create an aspx page that returns JSON data.
I would create my own asp.net web api on a different web application (and domain). You can use CORS to allow cross-site scripting from SharePoint to your custom api. If you go with this approach, the api and SharePoint will have to leverage the same identity provider. So SharePoint's NTLM is no longer an option.
I developed a web system using ASP.NET MVC 4 and I must perform an integration using .NET Web API and Windows Forms Application.
So far everything has been fine, but now I need to authenticate the users using Windows Forms Application and this application will be open on the internet.
My application already contains users that are registered in the database and currently are authenticated using the component 'Authorize' of ASP.NET MVC.
For data consumption through the client (Windows Forms Application) currently I use the library Microsoft ASP.NET Web Client API.
How can I accomplish this task safely?
Does anyone have any suggestions?
You can extend the HttpClient to add authentication. One example can be found here. It shows how to add a HttpMessageHandler into your pipeline for authentication using OAuth.
Here is the complete List of ASP.NET Web API and HttpClient Samples
Take a look at this Q&A which describes creating a custom AuthorizeAttribute for Web API that also authenticates the user using http basic security and grabbing the credentials from the HTTP header. Note that there is a different AuthorizeAttribute for ASP.NET Web API (System.Web.Http.AuthorizeAttribute) as opposed to the one for an MVC controller (System.Web.Mvc.AuthroizeAttribute). They have different behaviors. You do not want a call to a Web API being redirected to a logon page.
I have a custom STS built using the template from Visual Studio. It works great when I just use it in SharePoint or just in MVC. But if I log into SharePoint first, I get the following message when I log into the MVC site.
ID4230: The SecurityToken was not well formed. Expecting element name 'SecurityContextToken', found 'SP'.
It seems like SharePoint is modifying the Federated cookie and causing it to only work in SharePoint sites.
Has anyone seen this issue before? I would seem that Microsoft has planned to allow SharePoint and other .NET applications to live together.
Thanks all.
Hate to answer my own question. But the issue I was having was that the SharePoint site A was dev.sites.com and the MVC was books.dev.sites.com. The STS federated cookie was using the cookie issues from dev.sites.com and ignoring the fact that book existed in the domain. Might be a bug in the STS to allow for multiple levels of authentication when the site you logged into was the lower on the domains.
Log into dev.sites.com first
tapes.sites.com fine
this.sites.com fine
books.dev.sites.com FAIL
I am facing issue with accessing a custom web service deployed to _vti_bin of SharePoint Site. The web service is being called from the InfoPath 2007 browser enabled form template. Everything works fine if the call originates on the same machine as the web service host. It's an anonymous web service with no auth needed.
When I access the form from an external environment, it throws "Error accessing data source". There's nothing in logs or event viewer.
Any idea is welcome as it is becoming cryptic considering there are no logs.
In the end, point number 2 in the following post served as the solution - http://sharepointconnoisseur.blogspot.com/2011/04/how-to-resolve-401-unauthorized-error.html