I am starting to write an open source application which is intended to be deployed on premises with MS SQL Server as backend. Now I was wondering how to go about deploying the application and the SQL Server backend.
For MSSQL there is a pretty clear installation path but I was wondering how I could create an easy installer for the web application. The idea is to copy the website to some location, start it and then call a special installation controller where the user could specify a database user with elevated privileges (such as the 'sa' user). The website should then create some database users, views and tables on that database and perform the initial setup. Additionally, it should also modify the configuration of the website to use the correct database user.
Of course, other ideas are welcome as well. How do you handle the deployment of a website for a small company which doesn't have dedicated IT staff.
Related
I am creating simple application where I need get and fetch data to DB. As I find out from Xamarin app is standard using of HTTP request to DB instead of directly connect to DB.
I create Azure SQL DB, I create application with connection to this DB. But I cant really find out how it now should works.
There is no many tutorials or they are not fully described.
I read this one https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-xamarin-forms-get-started#download-and-run-the-xamarinforms-solution
I find many references on this one but it seems out of date. Everybody recommended download the project from section
Run the Xamarin.Forms solution
On the settings blade for your Mobile App, click Quickstart (under Deployment) > Xamarin.Forms. Under step 3, click Create a new app if it's not already selected. Next click the Download button.
Under this tab I have only references to next tutorials but not any to Project Download. (screenshot below)
https://imgur.com/THCdUE1
Can you give me some advice if I do something wrong? Or link to updated tutorials? I am little desperate from this
Many Thanks
Azure SQL is not an HTTP/s service-- it runs proprietary SQL Server protocol on port 1433, just like on-premise versions of SQL Server.
If you are trying to connect directly to SQL Server from a Xamarin App, you are almost certainly making a mistake. Doing so would require providing credentials to your Xamarin app that can connect directly to your database, which opens your database up for a malicious user to do pretty much whatever they want to. The reason this kind of 2-tier application is dangerous is because the Xamarin app runs on an untrusted device (your user's mobile device), and a malicious user can intercept any data that your application has in memory, including your database credentials. They can then use those credentials to gain access to your database. Unless you were to use unique database credentials for each user (very impractical) and setup very stringent security roles in SQL Server, it'd be impossible to keep a malicious user from accessing the database for all of your other users (which is very, very bad). The other problem is that many networks block traffic on port 1433, or only allow access via an HTTPS proxy server, so your application would not function on many networks if it tried to connect directly to SQL.
This is the answer to your question, but please don't do this:
If you are certain that you have taken care of the security correctly, you should be able to install the System.Data.SqlClient nuget package and use that to communicate with SQL Server as you would with any .NET application. Here's a code example from Microsoft.
This is my opinion on what you should do instead:
The correct way for most Xamarin applications to communicate with Azure SQL database would be via an intermediary application server.
If your application access data specific to a user, should have per-user credentials in it (username and password that get exchanged for an authorization token when the user logs in is a common technique). The Xamarin app would then use HTTPS to make requests to your application server using those user credentials. The application server would validate the user credentials (authenticate that they are legitimate and authorize the data being requested based on who the user is) and make requests to Azure SQL.
If your application only access public data anonymously, then you can make unauthenticated requests to your application server which will blindly request that data from Azure SQL and return it to your client (though it would also return the same data to any attacker on the internet, so be sure if you use this approach you intend all data served to be public to the world).
In both cases, your application server would be the only piece that communicates with Azure SQL. For a .NET application this would typically be done via System.Data.SqlClient or perhaps indirectly through an ORM like Entity Framreworks. The advantage to this 3-tier approach is that the untrusted client tier does not have unrestricted access to your database tier. Only the middle application server tier has the credentials for SQL Server, and it is trusted and runs in a secure environment (a server you manage, not an end-user's mobile device). This means that an attacker cannot intercept the database credentials and misuse them. It also means that your application only requires HTTPS data access to function, so your application will work on almost any network.
This is probably not the answer you are looking for, since it involves authoring an entire application server that has to be hosted by you (Azure App Service would be my recommendation, if you are already using Azure SQL). It also requires you to implement an API on the server, and then write an API client for your Xamarin application. This is no small amount of work.
I'm trying to create a database when deploying my WPF application. I don't have any problem if the user of Windows is the admin user. But if the user uses Windows as a guest, the system doesn't allow me to create the database. I get a "permission denied" error.
Is there any way to get this permission when deploying the application or should the admin user give this permission manually before deploying?
Thanks in advance!
A guest account can only create files in it's own user folders.
Meaning they'd have to create the database in appdata or on their desktop ( which sounds like a bad idea ).
I'm not sure they'd even be able to install sql server express. Never tried to on a guest account.
Whether that's practical or not depends on what you're doing in what context.
Sql server express is a service based dbms with the service running in it's own context. You could maybe install sql server and a database on the machine for them and they connect to that.
If this is just a fairly simple application which grabs a small amount of input then maybe serialisation would be a better approach than a database.
We currently have a two-tier enterprise application where a Windows desktop app connects directly to an SQL Server database. Data access permissions are set in the database using standard SQL Server features, sqlserver windows authentication is being used (users use their domain logins).
We would like to introduce an application server layer, but we need the same authentication scenario, i.e. all the queries, initiated by the desktop app, have to be run in the database under user domain account that started the app.
It is also important that users do not enter their credentials in the app, the current domain account is used.
Client application is a WPF .NET desktop app.
Is this possible using ASP.NET WebAPI as an application server?
If you're using Active Directory to authenticate users, once they've successfully authenticated into your application, you will have their domain identity. You could then pass that as a part of the connection string for every user-specific database CRUD operation.
I would recommend that you have a shared SQL login though for core things such as caching, database logging and auditing, error logging, application authentication and authorization, etc.
Here's the scenario:
MVC web project
Three MS SQL Server database projects
One of the databases must be populated with lookup tables
Other tables are user data and don't need data uploading
GoDaddy hosting
Visual Studio 2013
I'd like to deploy everything (web project, sql schemas, reference data) to GoDaddy in one fell swoop, but they appear to only offer FTP uploading. When using FTP in the Web Publishing Wizard, it says "Database preview not supported for this method" which I'm taking "method" to mean FTP. I can publish the web project fine in FTP, but of course without the databases the web application generates errors.
So here are my questions
There is a "Web Deploy" publish method listed in the wizard, but GoDaddy has no information on how to set this up. Can this be used with GoDaddy and will it publish DBs also?
How does one configure the project to use the local SQL Server when running on localhost, but when deployed it uses the GoDaddy SQL Servers?
Can the data in the local DB be uploaded as part of the publishing wizard process, or is SQL Server Management Studio the tool of choice?
Thanks!
I don't believe GoDaddy supports WebDeploy. They didn't when I left their service a few years ago. You can talk to them to confirm whether this has changed.
This is the role of Web.Config Transforms. For an intro to the topic, see here; the article is a little out of date and doesn't mention one of the most useful points - you can add transforms for each publish profile, so they're applied according to your publish settings.
You probably can't upload the local DB file. In almost every hosting situation, the SQL server and the web server are two separate machines, and don't share any files (corollary: the web server doesn't have the SQL service installed). One workaround you can try is to publish the DB directly from your own machine. That is, if you can connect to the DB from your machine, you can do a Web Deploy publish to your own machine but it will send the SQL changes to your GoDaddy DB server.
A more advanced workaround for #3:
Set up your FTP publishing settings for your files
Figure out how to publish your DB through WebDeploy only/from the command line (you can refer to here for a sample using WebDeploy from the command line; note this is going from GoDaddy -> Local, but it's trivial to turn it around)
Customize the web publish pipeline to insert an MSBuild target to execute your WebDeploy command line (see here for an example of modifying the pipeline; you can add the target directly in your .pubxml file if you're not intending to use it for multiple projects).
This will give you a single publish profile which will separately publish your files (via FTP) and your DB (via WebDeploy).
I am a newbie with DotNetNuke and have been stumbling on how to deploy from the development server to the deployment server. For starters my development and deployment servers are one and the same machine. Here are the steps that I did:
DNN Setup
Downloaded DNN using WebMatrix.
Launched DNN and proceeded with the installation wizard, which is basically just testing the environment and then creating the DNN database.
After the wizard's installation launching DNN will now proceed to the Getting Started page
Added "localhost/dnn" in the site alias list
Moving to ISS
In IIS I added application (folder) DNN in the web root
I copied all the files from the original webmatrix path to the dnn folder in c:\inetpub\webroot making sure that the file/folder hierarchies are the same
Result:
When launching DNN using my browser I am directed to the installation wizard page instead of the Getting Started page. What am I missing?
Thanks!
Confirm that the permissions on the folder containing DNN are the same on your test server as they are on your development server. (I give Network Service read/write and IUsr Read/Execute)
Confirm that the application pool running your application has the proper identity (Network Service is suggested) and is running the proper .NET Framework version; based upon your question, I think you are set on this.
Gain access to your web.config file. You will see a ConnectionStrings section. You probably need to update the connection strings.
If your test server runs off of a different database than your dev server, figure out the connection string of your test server and update your connection string accordingly
You may be able to restore a .BAK file of your DB to your test server
If you do this, you will probably need to (in SSMS) edit your Portal Alias table to include the host name that you are using in your test server environment. Examples: Maybe you access the site via localhost/ on your dev environment, but you access to test site via test.Ronald.com? test.Ronald.com would be your PortalAlias
If your test server runs off the same database server as your dev server, it sounds like you need to open up access in firewalls so that your test server has connectivity to your dev database
A word of advice
Once you get it running, you will be making changes to each database separately (assuming your test site and dev site use different DB Servers). This sync issue can be a royal pain with DNN, as your page structures, module assignments, html module contents, installed modules/extensions will get out of sync. While restoring backups is nice, it is not a very good long-term solution. I recommend database-syncing tools
The problem is most likely a problem with DNN not being able to find the Database. If it can't find the database, it will run the wizard in order to create one.