If I want to send some data from a mobile device to windows azure, is there any service that can help me?
Or do I need to create some REST services and call tham from the mobile? If I do this how should I assure that the sender of the data is the mobile and not some hacker? How should you secure that communication between the mobile ad the azure platform?
I suggest that you create REST or OData services in Windows Azure. As for securing, it might be a bit of a hard work. But you can start looking at Securing REST Services. The Windows Azure Access Control Service could help you with the tokens. There are various samples here. Maybe the sample for Windows Phone 7 could be in some kind of help here also. Another article on using ACS with iOS cabe found here. And also some quick overview of the Windows Azure SDK for iOS that supports ACS.
Basic flow: your application will get a security token from ACS, then send this token to either a REST or OData service. Your service will validate the token and take approriate actions according the result.
Related
how to use AWS RDS in flutter dart code?
I went through - this post
It says -
I work on the AWS SDK team. I am not aware of any plans to support Flutter at this point. I will take this to my team as a feature request and will post back
Should I do as suggested here?
Build your own service layer using HTTP, gRPC that talks to some backend service that provides access to a data store. You can do this with Express, Rails, CloudFunctions, etc.
You can either use dart code to do HTTP/gRPC, or use Platform channel to wrap dart code around native iOS and Android code of AWS official SDK.
On another note, I'm highly concerned when you connect directly from mobile (Flutter) to database (AWS RDS). Please be aware that anything on mobile app can be reversed engineer, and your database connection credential is not safe. It's recommended to have only backend proxy, or at least severless (such as AWS lambda function) connect directly to database (not mobile or web frontend). The only exception is with Firebase Realtime Database because it has seamless integration with Firebase Authentication
This is a very basic question. I want to do an SSO integration using ColdFusion but do not know where to start. I found the website ssoeasy.com through a google search, but am very confused about how to use it and where to find documentation.
I think it has something related with cfldap or cfhttp but not sure what and where:
<cfhttp method="get" url="http://testsso.com/login.cfm">
</cfhttp>
It really depends on what role you want to play in an SSO ecosystem. Are you an app in a larger federation (Service Provider), or are you trying to implement an SSO style login across multiple applications that you control, or are you looking to setup so that your users can log in with Google or Facebook or such other identity registers?
A few years back we did an implementation with Shibboleth (https://shibboleth.net/) and CF where our intended place in the system would be that of a Service Provider to other companies Identity Providers. It works pretty straight forward as we let Shibboleth handle all the SAML federation grunt work and then when it's completed we get an e-mail address (the unique identifier we decided on) back from Shibboleth saying that the user has been authenticated via the Identity Provider.
Other 'SSO' implementations are around for other types of integrations.
From CFCs to handle OAuth -- https://github.com/coldfumonkeh/oauth2
To integrated oauth support if you're running a new enough version of ColdFusion https://helpx.adobe.com/coldfusion/cfml-reference/coldfusion-tags/tags-m-o/cfoauth.html
Hope this is of assistance to you.
If I understand your SSO use case, the application will be a cloud service provider (SP). There are three things you need to determine to help in the selection of the appropriate technology, mainly (1) SSO protocol to integrate, mainly SAML, OAuth, OpenID Connect (OIDC), etc. (2) Hosting, mainly Cloud, On-Prem, or hybrid, and (3) whether or not IdP discovery is needed for your business partners.
Being ColdFusion based as well as working to be a cloud SP web application, my experience is that the application is to be hosted by your organization, such that an on premise SSO capability is desired, as well as IdP Discovery will be needed for your partners.
As noted in your question there are some options for integration. I have found the most popular approach to being a SP website is to utilize a vendor product that handles the SSO protocol (e.g. SAML, OIDC) where the integration with your ColdFusion application is based upon a simple REST API integration. With this design pattern, the vendor product manages all the security of the SSO protocol and then simplifies integration to your application as a secure REST API exchange of identity information. This will minimize the impact to your application and also give the most support for modern identity. One product that offers this capability is PingFederate via the Agentless integration (also referred to as Reference ID integration). I have had much success integrating ColdFusion applications following this type of approach.
SAML seemed to be the easiest to implement for our team. Phil Duba's 2013 Beyond Encrypt() presentation is a good starting place. His website is down right now, but I'm sure you can find the downloadable file somewhere. Learning about SAML in general would be a good idea. Also, you can use Java, so maybe look at SAML/OAUTH Java examples and try doing that for Coldfusion since it is based on Java.
We have an existing Android and iOS application that consumes REST API from our servers. The API provides a token to the authenticated users after they log in using their credentials (username, password combo.) from the mobile applications.
Now, we're planning to create a Google Glass application for the same. In this case, we'd like to use the existing REST API along with Glass also. The Glass app will be built natively using the GDK.
My concern is, how would the users be able to input credentials? Because, users may have signed up for the service using non-google accounts?
Many thanks in advance.
At the moment, there is no supported way for apps made with GDK Early Access to authenticate the user or provide a way to connect the Glass account to your auth system. The Glass team has indicated such methods are coming, however - the Strava Cycling app, for example, does this, and it is expected that a similar feature will become widely available as the GDK matures.
Strava Cycling appears to get its credentials at the time you setup the app through MyGlass. When you turn it on it redirects you to a website to log into Strava's service before completing the install.
I just gave a talk on this exact topic at Wearables DevCon. The solution I proposed is purely done through GDK. All the user has to do is sign into their Google Account on a phone/tablet/computer and enter a code that is shown on Glass.
Check out the slides here:
https://docs.google.com/presentation/d/1NepYwlKdEvLV0QH9ix2I8l-JY1kHjBR9AXKBNpgTI6g/edit
And the code here:
https://github.com/victorkp/GlassWebNotes
The latest Glass release (XE16) publishes the remote authentication API for apps distributed through MyGlass:
https://developers.google.com/glass/develop/gdk/authentication
I am working on a WP 8 app which I would like to connect to an on-premise(local) web service. I have managed to do so using simple BasicHttpBinding without secuirty and Azure Service Bus Relay, but i cant manage to make a secure connection. WP 8 only support BasicHttpBinding, and thats my biggest problem so far.
I understand that Azure mobile service is an efficent and easy way to securly connect your WP 8 app to the cloud. Is it possible to access an on-premise web service through Azure mobile service? And if possible, could it be done without exposing all the content of the local service publically via Azure Service bus relay?
You should be able to do this securely from WP8 -- I'm not quite sure why it's not working -- but even if you had to roll something yourself, it should be possible (example, check out this post from Michael Collier on doing something similar: http://michaelcollier.wordpress.com/2011/08/19/azure-sb-and-wp7/)
To the question, though, WAMS (Windows Azure Mobile Services) is definitely easy to use, but it wouldn't be feasible to do what you want -- that is, to be a public endpoint in this fashion. In short, WAMS gives you an easy to use CRUD interface to data that happens to also expose features for authentication and notifications, and at the same time gives you some server-side javascript to do custom work -- such as calling out to other services, sending emails or notifications, etc.
But, each request into WAMS is essentially mapped to a CRUD operation on a database table. While you could likely 'inject' a simple call, this isn't what you want. It sounds like using the service bus is the right way to do this and should be possible...
I'm writing an app which I need to store user details, location and connections in azure db but have no experience with cloud storage. I have created my azure database but not sure how to communicate with the wp7 app. Any thoughts on where to start with the web service,
Thanks, MH
The following may point you in the right direction "Using Windows Phone with Windows Azure
" :-
http://msdn.microsoft.com/en-us/library/windowsazure/hh689721(v=vs.103).aspx
http://windowsteamblog.com/windows_phone/b/wpdev/archive/2011/08/31/building-windows-phone-applications-using-windows-azure.aspx
As to windows phone azure project, do you mean Windows Azure Toolkit for Windows Phone? This toolkit is optional. It may help us in some cases, especially if we want to integrate with ACS. But a web service will be enough if all we need is to bring data to the phone.
Best Regards,
Ming Xu.
To add to Paul’s suggestions, the recommended architecture is: Hosting a service in Windows Azure (such as WCF Data Services). The service will talk to SQL Azure (if you use SQL Azure as the database). Client devices, such as Windows Phone, iPhone, Andriod, a web browser, and so on, will communicate with the service. If you use WCF Data Services, you can expose the data to clients via the OData protocol, which is supported by multiple devices. To get started with WCF Data Services, I would like to suggest you to check http://msdn.microsoft.com/en-us/library/cc668796.aspx. To learn how to consume OData in Windows Phone, please refer to http://blogs.msdn.com/b/phaniraj/archive/2010/03/19/developing-a-windows-phone-7-application-that-consumes-odata.aspx.
Best Regards,
Ming Xu.