I have an App Service on Azure, and I can easily call this Service thanks to Swagger or SoapUI, but now I would like to secure my App Service by using a Login/Password or any other solutions.
I have tried to do it with Active Directory but I'm not sure it's the best solution (and it doesn't work for me :D).
Can you help me ? ^^. How can I secure it ?
Thank you very much for your help !
Regards,
I wrote an article how to enable that users need to authentication using Azure Active Directory here. Skip to the section Active Directory Configuration.
Should not be that difficult.
The beginning of the article is about reading Active Directory using the Graph API, that is not applicable for your config.
You can take a look on Azure Easy Auth. I believe that it's the easiest way to achieve that:
https://azure.microsoft.com/en-us/resources/videos/azure-websites-easy-authentication-and-authorization-with-chris-gillum/
Related
We have an in-house Single Sign On server, built on IdentityServer2 and we use it to authenticate many different web products. Some of these products are in .NET, some in ColdFusion and we are adding another in Ruby on Rails.
I am having a great deal of difficulty, though, in finding information on connecting to any generic OAuth2 provider. All of the information seems to revolve around Omniauth and the specific provider gems that most people connect to. These, however, will not help me.
I just need someone to point me in the right direction. I don't care if it's using Omniauth, Rack or anything else. I just need something that will provide some sort of instructions on how to get this working in Rails.
Thanks in advance for your help.
There really isn't a generic way to do this as it all depends on the SSO server setup. I ended up just building the auth string according to what the server was asking for and then using the JWT token to process the token it gave back.
The only thing I can say is that if you run into this issue, either check with the folks managing the SSO server to see what the request URL should contain or check the documentation of the SSO software if you are doing it yourself.
You can use doorkeeper gem which is a OAuth 2 provider for Rails and Grape.You can go
https://github.com/doorkeeper-gem/doorkeeper
hope that helps you.
I am new to developing web services using java. I have an academic project where I need to do dynamic service composition. For that I can't directly create a service-client for a particular service because if I do so then that client will call that particular service only. Client need to search various web services and then out of those services select any one at run time and also call that service at run time.
I was able to develop the web service(JAX-WS) using Eclipse(indigo), I also created the client for that web service and every thing is working fine. Now my problem is that while creating the client I am hard coding the client to call that particular web service only(since I am creating the client using the WSDL file of the service). However I actually need to call any one of the searched service, but for that I need to publish the service some where then discover it and then call it.
I tried publishing the service to juddiv3. But on juddiv3 I could only publish the sample service supplied with the juddiv3. When I try to publish service created by me then it is not getting displayed in the group of published services.
Is there any other UDDI server which I could install on my local machine and then publish and discover the service from that. Also I was not able to figure out how to create a client that will modify itself at run time to call any one service out of various searched services.
Kindly provide the necessary steps and code.
Thanks
You can use jUDDI (http://juddi.apache.org/ ).
juddi is based on UDDI v2.0, v 3.0 .
Here, you can publish as well as discover your web service.
For integration, you have to make some application which integrates with jUDDI.
But I think for your academic project, and for your purpose, jUDDI is best suitable! ( :) )
jUDDI has a boat load of examples in the source code trunk. You may want to check them out. It's difficult to guess what the problem is from the little information you've provided. Consider contacting the jUDDI team for further assistance. http://svn.apache.org/repos/asf/juddi/trunk/juddi-examples/. There's also additional document for working with UDDI in the jUDDI user's guide, which is at the jUDDI web site
You cannot directly publish on jUDDI. You need to create publisher entities in jUDDI server also. You'll find Rename4Sales and Rename4Marketing examples in 'Classes' folder in the standalone server's juddi application. Use these XMLs as your basis and create your own entity. You also need to configure the server's login credentials.
I suggest you follow the tutorials on jUDDI blog.
I would like to have my application http://app.acquee.com/designer to accept a google account as a login. I found a bunch of libs for django but most work on top of existing Django authentication system that I do not use. I have my own set of user tables where I keep user info and privileges.
Any suggestion on how to integrate that with the Google Openid?
Seems I will have to do it manually using python-openid. Or could I use django-openid?
However, with the latter, I don't even know how to issue the discover command.
Regardless, I get stuck on google's step 5, sending a login authentication request (optionally with OAuth parameters) to the provided endpoint address. Can someone provide a sample request? is it a GET/POST? content?
Cheers
You can try https://launchpad.net/django-openid-auth - I'm using it in a commercial project, for both regular Google Accounts and Google Apps accounts. I remember that it was the most convincing one at the time I was doing a review, although I can't give you any details now due to my short memory. Anyway - it's working great.
Could someone please tell me how to access CRM (IFD) webservices from outside the domain?
First you'll have to set up the instance for IFD support. Microsoft has an IFD setup tool.
You'll then want to make sure your website is exposed to the internet. It sounds like you can successfully ping it from the above comments.
You can then use the web services if you provide the appropriate url and network credentials.
service.Credentials = new System.Net.NetworkCredential("username",
"pass#word1", "domain");
A VPN setup is often a good way to accomplish this. That will involve opening the appropriate ports in your (or your company's) firewall, as well.
thats exactly what i did and i found out that theres nothing wrong with the way i access the web services but sommeone has turned off basic authentication of the CRM application, turned it back on and problem is solved
actually if you right click on the website(from iis) and go into the security section, it lets you select the authentication type , eg: anonymous, basic or windows. you should not require to turn off the authentication in CRM, as i found out you need to have basic authentication enabled in order to access remotely.
regards,
lasa
I will launch soo a new iPhone app and want to off-load the forums to my actual FogBugz On Demand account.
However, I discover that FOD have no facility to integrate Single sing-on. I use django and have the option to use open-id, but not know if exist a way to make this happend.
Obviously, I could hack a simple forums like the one on FogBugz in django or reuse one, but I just think that aintegrated forum with the bug tracking is the best thing.
Any idea?
FogBugz On Demand now natively includes some authentication methods other than the standard username/password authentication.
Setting up authentication with Google's OAuth is quite simple for companies using Google Apps for work email. Once an administrator enables OAuth following the instructions in this article on Fog Creek Software's help site, logging in is as simple as clicking the OAuth button on the login page. All of the users' settings are retained.
If you’re already managing the rest of your authentication through a SAML 2.0 provider, you can also use your identity provider for FogBugz login. Steps for configuring SSO can be found in this article. This requires a bit more configuration than OAuth, but will work for companies that don't use Google Apps for email.
Of course, if you have any questions about configuring SSO in FogBugz, you can always contact customer support at http://www.fogcreek.com/contact/.
From the FogBugz forum:
http://support.fogcreek.com/default.asp?fogbugz.4.102256.3
I believe this is you there also. The answer provided shouldn't be too difficult to implement.