Windows Authentication in IIS - iis

I have 2 web services A and B hosted under the same web site. Web Service A uses/calls the APIs of web service B.
Both the services are using the "Custom Application pool" as they need to access Database...and I need to use Windows Authentication for both the services.
So when I try to call the API of service A, it prompts me for userName and password and after that it throws an error.
Now if I change the authentication of web service B to anonymous, it works fine.
It seems to be double-hop issue but I am not sure how to fix it..
Please help me in fixing this issue..
Thanks

Related

How to enable Authentication on Asp Classic application running on Azure

I'm facing a strange request.
We have an ASP CLASSIC application, and there is the need to make it run under Azure, with Active Directory authentication.
Is this even possible?
Any suggestion is appreciated
SOLUTION:
Using the editor in the App Service, and upload all the files of the ASP website
Enable Authentication through Microsoft Provider in the app service
On Azure Active Directory, in the Registered App, is possible to create groups and add user to be enabled to access the website

How to secure azure pre-production web app

we want to use azure web apps not only for production but also for pre-production sites. These sites should be accessible only for Users in our Azure AD or even better only users with specific roles in the Azure AD. Or as a workaround some form of authentification without changing the code of the App. Since the App should be available public in some point of time.
At the moment these web servers are hosted in our internal network so they are only accessible through vpn or on site.
How can I secure a pre-production web app?
I tried the built in authentifcation with AD but I can't authorize a specific AD Role or AD Directory without changing the application it self.
What would be perfect for us would be a simple Basic Auth on the web app which I understand is also not possible without changing the App.
Anyone facing the same problem?
Maybe there is a design pattern for this? Or some Gateway to handle this?
Any hints would help,
Thanks
Stefan
Follow this article which shows how to configure Azure App Service to use Azure Active Directory (Azure AD) as an authentication provider.
Some best practices when setting up your app and authentication:
Give each App Service app its own permissions and consent.
Configure each App Service app with its own registration.
Avoid permission sharing between environments by using separate app
registrations for separate deployment slots. When testing new
code, this practice can help prevent issues from affecting the
production app.
https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-provider-aad

Forms Authentication not working in Azure app service

I have a .NET MVC 4 application with .net framework 4.6.1 with forms authentication enabled. Is it possible to have this hosted in Azure app services. I am not finding an option in app services to have forms authentication enabled and getting the attached message when I navigate to the website.
I have the application taking me to the login page on a local server with IIS however not being able to make it work in App services. Any help would be appreciated.
Thanks.
I was able to get this working by fixing a connection string which was causing an error however the message for default document not set in azure may have been misleading.

Can't connect to Azure webapp using work account authentication

I am creating an Azure web application that serves as a gateway to our organization's database. As I don't want our database to be accessible by the whole internet, I want to use some kind of authentication.
I achieved this authentication by following these steps:
1) Microsoft Visual Studio -> File -> New -> Project -> ASP.NET Web Application
2) Select MVC and click on the 'change authentication' button
3) Select Company or School as authentication method and fill in the right domain name
4) Now I publish the web application and browse to the link
5) I get forwarded to the login.microsoftonline page and asked to log in with my organization's email.
6) After logging in with my organization's email, localhost can't connect to the web application and throws the following error: ERR_CONNECTION_REFUSED
If I follow the same process as above but select no authentication, everything works fine. In addition, all our organizational addresses are on Azure Active Directory.
Does anyone know why I can't connect to the application and/or has suggestions to solve this?
All help is greatly appreciated!
The issue was solved by going to app services -> Authentication/Verification -> authenticate with Azure Active Directory. Thereafter, go to Azure Active Directory and add the web application's URL to reply URL's / properties of the AD instance.

WSO2 Passing Windows NTLM authentication through ESB to .NET REST Data Service

I have a .NET data service that resides on a windows server using basic authentication. I have a custom proxy service set up in the ESB that points to my data service endpoint. When I access the data service through Internet Explorer it asks for my credentials as expected and everything works fine. However when I change the IIS to use Windows Integrated authentication for the data service I don't get a response. How do I get the ESB to handle the authentication handshake between my data service and the browser or any other application calling the data service?
"Windows Integrated authentication" do you mean kerberos ?. if so http://blog.facilelogin.com/2010/12/kerberos-authentication-with-wso2-esb.html might help you.
Regards,
/Nuwan

Resources