I am trying to find code examples of:
1. Remote MVC App on IIS
2. Data is on the customers SQL Server and on the windows domain they are using their web browser from.
I have a MVC app that works well with IIS and SQL Server being on the same domain.
However, I am trying to figure out how to extend the MVC App to multiple customers by hosting the site on a remote IIS server and having the remote MVC application on IIS query the customers SQL Server database.
I am comfortable with MVC, Entity Framework, & SQL Server but have had a hard time finding examples for this scenario.
You can certainly change the connection string of your application to work with any remote SQL Server instance you please. Obviously being outside the domain poses some additional challenges and security risks that you should consider, however, to get them talking to each other you can simply specify the server address in your connection string like so:
Data Source=192.168.10.1,1433;Network Library=DBMSSOCN;Initial Catalog=myDataBase;User ID=myUsername;Password=myPassword;
The Network Library parameter forces the use of TCP/IP as a network protocol. Note that the customer will have to set up a SQL Server Authentication user on their database to simplify this scenario - using a trusted connection will be impossible unless you integrate your Windows domains, which could be a significant amount of work for little benefit.
Related
We have a WinForms desktop app that connects to a remote server to pull some data. The remote server hosts a web service on a standard IIS website that queries a SQL Server database installed on the same machine. Today, if the remote server is under maintenance or not available our end-user cannot retrieve the necessary data.
Now I am requested to make this feature fault-tolerant. Here are my questions:
Should I ask for another remote server that runs the same web service and move the DB to a third remote server? So the two web services can connect to the same DB?
Should I consider moving the web service logic to the WinForms desktop app and connect directly to a remote DB paying a first-class 99.99% availability service?
Do AWS or Azure provide a ready-to-use solution that fulfills my requirements?
Is there any other option I didn't consider?
I am creating simple application where I need get and fetch data to DB. As I find out from Xamarin app is standard using of HTTP request to DB instead of directly connect to DB.
I create Azure SQL DB, I create application with connection to this DB. But I cant really find out how it now should works.
There is no many tutorials or they are not fully described.
I read this one https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-xamarin-forms-get-started#download-and-run-the-xamarinforms-solution
I find many references on this one but it seems out of date. Everybody recommended download the project from section
Run the Xamarin.Forms solution
On the settings blade for your Mobile App, click Quickstart (under Deployment) > Xamarin.Forms. Under step 3, click Create a new app if it's not already selected. Next click the Download button.
Under this tab I have only references to next tutorials but not any to Project Download. (screenshot below)
https://imgur.com/THCdUE1
Can you give me some advice if I do something wrong? Or link to updated tutorials? I am little desperate from this
Many Thanks
Azure SQL is not an HTTP/s service-- it runs proprietary SQL Server protocol on port 1433, just like on-premise versions of SQL Server.
If you are trying to connect directly to SQL Server from a Xamarin App, you are almost certainly making a mistake. Doing so would require providing credentials to your Xamarin app that can connect directly to your database, which opens your database up for a malicious user to do pretty much whatever they want to. The reason this kind of 2-tier application is dangerous is because the Xamarin app runs on an untrusted device (your user's mobile device), and a malicious user can intercept any data that your application has in memory, including your database credentials. They can then use those credentials to gain access to your database. Unless you were to use unique database credentials for each user (very impractical) and setup very stringent security roles in SQL Server, it'd be impossible to keep a malicious user from accessing the database for all of your other users (which is very, very bad). The other problem is that many networks block traffic on port 1433, or only allow access via an HTTPS proxy server, so your application would not function on many networks if it tried to connect directly to SQL.
This is the answer to your question, but please don't do this:
If you are certain that you have taken care of the security correctly, you should be able to install the System.Data.SqlClient nuget package and use that to communicate with SQL Server as you would with any .NET application. Here's a code example from Microsoft.
This is my opinion on what you should do instead:
The correct way for most Xamarin applications to communicate with Azure SQL database would be via an intermediary application server.
If your application access data specific to a user, should have per-user credentials in it (username and password that get exchanged for an authorization token when the user logs in is a common technique). The Xamarin app would then use HTTPS to make requests to your application server using those user credentials. The application server would validate the user credentials (authenticate that they are legitimate and authorize the data being requested based on who the user is) and make requests to Azure SQL.
If your application only access public data anonymously, then you can make unauthenticated requests to your application server which will blindly request that data from Azure SQL and return it to your client (though it would also return the same data to any attacker on the internet, so be sure if you use this approach you intend all data served to be public to the world).
In both cases, your application server would be the only piece that communicates with Azure SQL. For a .NET application this would typically be done via System.Data.SqlClient or perhaps indirectly through an ORM like Entity Framreworks. The advantage to this 3-tier approach is that the untrusted client tier does not have unrestricted access to your database tier. Only the middle application server tier has the credentials for SQL Server, and it is trusted and runs in a secure environment (a server you manage, not an end-user's mobile device). This means that an attacker cannot intercept the database credentials and misuse them. It also means that your application only requires HTTPS data access to function, so your application will work on almost any network.
This is probably not the answer you are looking for, since it involves authoring an entire application server that has to be hosted by you (Azure App Service would be my recommendation, if you are already using Azure SQL). It also requires you to implement an API on the server, and then write an API client for your Xamarin application. This is no small amount of work.
I am developing a report in PowerBI Desktop based on data hosted in an Azure SQL Server VM.
When publishing a report, I get the below error:
Publishing succeeded, but the published report cannot connect to the
data source because we were unable to find a gateway. Please install
and configure an enterprise gateway
I believe this is because the enterprise gateway is installed locally on my azure VM, however I'm accessing it from my desktop by going over the web and through the firewall. Therefore I believe the issue is that my pc acceses the machine at
mymachine.cloudapp.net
Whilst the enterprise gateway knows the machine as
netbios-name
Is there any way that I can upload a desktop report to powerBI web using this configuration? The other solution would be to get the machine and sql server to identify itself as "mymachine.cloudapp.net" so that I can use this as the name to connect to through the enterprise gateway, but I'm not sure how to do that (adding the alias to SQL Server isn't enough).
It's a bit hacky, but I've got a work around.
Open the server and edit your hosts file and add the following line:
127.0.0.1 mymachine.cloudapp.net
Make sure that mymachine.cloudapp.net has been configured in SQL Server as an alias.
In PowerBI, add a new enterprise gateway data source, this time, use mymachine.cloudapp.net to connect rather than netbios-name. You will need to use SQL Authentication to connect.
Obviously connecting PowerBI to an Azure VM in this way is not ideal, as it could potentially be unencrypted, but this works around the issue of different host names between PowerBI Desktop and Web.
I have an application that currently uses Microsoft Access 2013 as a front end with SQL Server 2012 as a back end. When in the office, that's fine for the users, but some of the users need to be able to access (no pun intended) the application from other sites.
Is it possible to publish the Access front-end to the web while retaining the connection to the back-end tables in SQL Server, and allow the access from SharePoint as an alternate means of getting to the application?
There are firewall issues to contend with, so I was hoping that we'd only have to worry about a firewall opening between the SharePoint server (network A) and the SQL Server (network B). I'm sorry I can't be more specific than that.
I've been developing a site using ASP.NET MVC, and have decided to use the new SQL Server 2008 FILESTREAM facility to store files 'within' the database rather than as separate entities. While initially working within VS2008 (using a trusted connection to the database), everything was fine and dandy. Issues arose, however, when I shifted the site to IIS7 and changed over to SQL authentication on the database.
It seems that streaming a FILESTREAM doesn't work with SQL authentication, only with Windows authentication. Given this, what is the best practice to follow?
Is there a way to force this sort of thing to work under SQL authentication?
Should I add NETWORK SERVICE as a database user and then use Trusted authentication?
Should I create another user, and run both the IIS site and the database connection under this?
Any other suggestions?
Take a look at this article. I don't know a whole lot about FileStreaming and security, but there are a couple of interesting options in the FileStreaming setup such as allowing remote connections and allow remote clients to access FileStreaming