Protected web api configuration

Like web apps, the ASP.NET and ASP.NET Core web APIs are protected because their controller actions are prefixed with the [Authorize] attribute. The controller actions can be called only if the API is called with an authorized identity.

Consider the following questions:

  • Only an app can call a web API. How does the API know the identity of the app that calls it?
  • If the app calls the API on behalf of a user, what’s the user’s identity?

Read more here;

https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-app-configuration

How to use AppSettings.json in Azure Web App and Web API?

In App Service, app settings are variables passed as environment variables to the application code.

For ASP.NET and ASP.NET Core developers, setting app settings in App Service are like setting them in <appSettings> in Web.config or appsettings.json, but the values in App Service override the ones in Web.config or appsettings.json. You can keep development settings (for example, local MySQL password) in Web.config or appsettings.json and production secrets (for example, Azure MySQL database password) safely in App Service. The same code uses your development settings when you debug locally, and it uses your production secrets when deployed to Azure.

Let’s say we have this AppSettings file;

{
  "ConnectionStrings": {
    "MyDB": "Data Source=localhost;Initial Catalog=ZooDB;Persist Security Info=True;User ID=monkey;Password=pepepe",
    "MyLog": "Data Source=localhost;Initial Catalog=ZoodDBLog;Persist Security Info=True;User ID=banana;Password=eat"
  },
  "AllowedHosts": "*"

The connection settings on Azure Api App or Web App blade under configuration would be;

First Database

Name
MyDB

Value
Data Source=remotehost.com;Initial Catalog=ZooDB;Persist Security Info=True;User ID=remoteMonkey;Password=xxxee

Type
SQL Server

Second Database

Name
MyLog

Value
Data Source=remotehost.com;Initial Catalog=ZooDBLog;Persist Security Info=True;User ID=remoteMonkey;Password=xxxee

Type
SQL Server

Let’s say we have these hierarchal settings in AppSettings file;

"ApplicationSettings": {
    "CanImpersonate": "true",
    "GenerateJwt": "false",
    "ActiveDirectorySource": {
      "DataSource": "Database",
      "ActiveDirectory": {
        "Username": "variable",
        "Password": "variable",
        "DomainName": "variable",
        "EmailKey": "mail",
        "FirstNameKey": "givenName",
        "LastNameKey": "sn",
        "PhoneKey": "telephoneNumber",
      },
      "Database": {
        "ConnectionString": "Data Source=localhost;Initial Catalog=ZooDB;Persist Security Info=True;User ID=monkey;Password=pepepe",
        "Table": "ad.monkeytable",
      }
    },
"AllowedHosts": "*"

The connection settings on Azure Api App or Web App blade under configuration would be;

Name
ApplicationSettings:ActiveDirectorySource:Database:ConnectionString

Value
Data Source=remotehost;Initial Catalog=ZooDB;Persist Security Info=True;User ID=monkey;Password=pepepe

Type
SQLServer

If there are application settings other than connection string, they would be configured like this;

Name
ApplicationSettings__ActiveDirectorySource__Database__Table

Value
ad.monkeytable

The only difference between single and hierarchal structure is addition of : and __ qualifier’s (Two underscores connected).

When reading in ASP.NET core application, hierarchy can be stepped down with (:). for example;

# get value from appsettings
var logConnectionString = configuration.GetSection("ApplicationSetting:ConnectionStrings:LogDatabase");

#use the value
Console.WrtieLine(logConnectionString.Value);

If for some reasons, above configuration doesn’t work, try to publish to app service using Visual Studio publish feature. Make sure to add connection dependency manually.

Sources

https://techcommunity.microsoft.com/t5/apps-on-azure-blog/asp-net-core-appsettings-for-azure-app-service/ba-p/392596

https://docs.microsoft.com/en-us/azure/app-service/configure-common?tabs=portal

https://docs.microsoft.com/en-us/azure/app-service/configure-language-dotnetcore?pivots=platform-windows#access-environment-variables

Cannot start the web project because administrative privilege’s are required..

While troubleshooting ASP.NET web form project, I hit by this error;

The solution is to Unload  and edit project properties. Delete these lines;

<DevelopmentServerPort>4192</DevelopmentServerPort>
<IISUrl>http://localhost/CPSWEB</IISUrl>

from this XML segment;

  <ProjectExtensions>
    <VisualStudio>
      <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
        <WebProjectProperties>
	…..
	----
        </WebProjectProperties>
      </FlavorProperties>
    </VisualStudio>
  </ProjectExtensions>

Reload project and it should work fine.

Resources

https://stackoverflow.com/questions/13454705/running-iis-express-with-admin-privileges

The Web Application Project is configured to use IIS

The web project in solution file is unavailable. Project reload show this message;

Here is the solution;

IIS Manager is required to run this web app and IIS Express doesn’t have IIS Manager or any UI. Following solution will work on IIS Express.

When you open Visual Studio and get the error message, right-click the project Solution Explorer and choose “Edit {ProjectName}.csproj”

In the project file, change the following line:
<UseIIS>True</UseIIS>
to
<UseIIS>False</UseIIS>
Save the file.

In my case it was this;

<UseIISExpress>true</UseIISExpress>

Now reload your project.
Done.

You’ll then be able to open your project. If at this point, you want to use IIS, simply go to your project properties, click the “Web” tab, and select the option to use IIS. There’s the button there to “Create Virtual Directory”. It may tell you that you need to run Visual Studio as an administrator to create that directory, so do that if needed.

Resources

https://stackoverflow.com/questions/10889421/the-web-application-project-is-configured-to-use-iis-the-web-server