I've being trying to fix this problem for a week without luck. I am trying to access a sharepoint application hosted on azure that has the option "Log in with Azure Active Directory" enabled on azure .The app works perfect in sharepoint withouth that option in azure, what am I doing wrong?
Also, consider that my app uses the rights Web amd User Profiles as "read", stated on AppManifes.xml. Like I said, the app works well when the "Log in with Azure Active Directory" option is not enabled.
Related
Thank you for reading my question.
I'am trying to implement Azure AD B2C in Sitecore 9.0.2 version that being said i have used a sample code from Git Hub which implemented ADB2C using ASP.NET MVC. I created a feature project in Sitecore added all the files needed,built the solution and deployed it to Sitecore web root, resolved dll conflicts but still seeing one issue:
Sitecore have an older version of "System.IdentityModel.Tokens.Jwt" dll with class "System.IdentityModel.Tokens.JwtSecurityTokenHandler" which is no longer available in Version=5.2.1.0
Any help/guidance here to resolve this issue or is there any sample implementation available in Sitecore with Azure AD B2C.
Note: i'am not looking for Federated Authentication (Azure Active Directory) Azure AD
enter image description here
Steps to create Azure AD B2C :
Login to Portal.azure.com and create a New Tenant (working directory
with subscription)
Link your Subscription
Create/Register an Application (Client)
Create Client Secret, User Flows, Custom policies reference
Create an MVC application which can generate Azure Login Url reference
Deploy your code to sitecore root & browse the site.
Open Issues : Users need to be created in Sitecore manually even after having Virtual User creation in place.
Essentially, I'm wanting to create an Oauth Client as an App so I can get data from Dynamics for multiple customers. Does anyone know if this is possible to do in AppSource or do you know of another way?
I have a service that will be served in a cloud different than Azure so there really isn't anything for me to submit as an App and I really don't want every customer to have to setup their own App that gives my service the privileges/access it needs, but it's looking like I may have to.
It sounds like you'll want to register an app with Azure AD (the OAuth2.0 service/identity provider for work and school accounts), and create a multi-tenant app. Then you can configure this app in the Azure Portal to get permissions to the APIs the app wants tokens to call (in your case Dynamics or the Microsoft Graph).
Once this app is written, you can code up your app using one of the Azure AD Auth Libraries. Here's some sample code for a .NET web API. You can find more code samples on Github and search active directory. Moreover, the Azure Active Directory Developer Landing Page is a great place to look for more resources on doing all of this.
I have been working with Azure's web app service using Resource Manager to deploy a Django app. It has been working in fits and starts. I really like the auto-deployment from GitHub but I have been frustrated by the ability to work with the underlying machine. There is a "Console" tool through the Azure portal but it has limited functionality and when there is an internal server error on my app, I can't find the server output log.
Can someone share insight into how to view the server logs?
Azure web apps have a number of logs however, the applications logs provided out of the box only support Asp.Net applications. That being said there is an article about django on web apps and how to store and view its logs here.
What'll you'll have to do, as described in the link, is to setup the django application to store its logs on the azure file system. Another option is to setup the django application to email the devs but the better option is to store the logs on the file system properly.
We have Sharepoint 2013 single server farm and another one server with ADFS 2.0
Now configure sharepoint site with below steps:
Install ADFS 2.0
Configure ADFS with the web application as a relying party
Configure SharePoint Server 2013 to trust ADFS as an identity provider
Configure the web application to use claims-based authentication.
Demonstrate SAML-based claims authentication from SharePoint web application
and it will working fine with sharepoint.
Now we add one provider hosted app with this sharepoint site but we get some error.
1. When deploy from VS2012 it will give an error
"Error occurred in deployment step 'Install app for SharePoint': The System Account cannot perform this action."
second way we are upload app file into app catalog and try to add this app in to sharepoint site.
Error : “Application error when access /_layouts/15/appInv.aspx, Error=This App is not installed on this site. at Microsoft.SharePoint.Lifecycle.SprocWrappers.GetAppInstanceById(SqlSession dbSessionWrapper, Guid siteId, Guid webId, Guid instanceId, Int32 lcid) at Microsoft.SharePoint.Administration.SPAppCatalog.GetAppInstance(SPWeb web, Guid appInstanceId) at Microsoft.SharePoint.ApplicationPages.AppInvPage.SetControlStateUsingAppInstanceId(String appInstanceId) at Microsoft.SharePoint.ApplicationPages.AppInvPage.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)”
This issue may be due to claim base authentication in sharepoint 2013 site. because this app will working fine in windows base authenication sharepoint site.
I faced the same issue but I was not using ADFS. For me the solution was to use another account for installing the High Trust Provider-Hosted app. The server farm account should not be used for other services. Try using another account that has required permissions.
So here is the scenario:
I have a MOSS 2007 box and I want my clients to be able to access a SharePoint site via the internet. I am told that I will be using an IPA and AD for authentication. However I have a DB outside of SharePoint that holds various business data and I want to use Web Services to access the data, manipulate it, and send it back to SharePoint via web parts.
The issue is that, from what I understand, I am going to have to authenticate the AD user every time a request to the Web Service happens. Obviously I dont want to do this every time because they have already authenticated to get onto the site, however I do want each call to have some form of security so its not open calls to my db. I do plan on having other applications access this service outside of SharePoint, so I dont want to have to reinstall the service for each application or even again.
Has anyone had to perform this task or something similar or do you have any suggestions on how to do this?
Thank you in advance and happy coding!
Why not just deploy the webservice to Sharepoint using a Sharepoint solution and a Feature.
That way it will be running under the sharepoint app pool and all authentication is done by sp.
Edit:
Seeing that SharePoint should not be in "control" (as stated in the comment), you should create the webservice, and run the application it's under in as using Windows Authentication. IMHO you should create a WCF Service. The, using the information found in this article you make the Service authenticate users against the AD usergroups they are in. see the "Security: Authentication" section of the article.
Then in Visual Studio you create a webpart and add a service reference to the project, pointing to your newly created Service. Have the webpart perform the needed logic (i.e. display data etc.)
Deploy the webpart to SharePoint using a SharePoint solution (.wsp files, created with WSPBuilder). Google for SharePoint + wspbuilder + tutorials. The solution should contain 1 feature to deploy the webpart. WSPBuilder integrates with VS and allows for the creation of WSPBuilde project. add a webpart feature item to the project (it will create the xml (deployment related) and code file for the webpart.