Azure - Self service user creation - azure

I am designing / building a solution, in order to learn Azure.
First requirement is that users should be able to register themselves, login and have a change password / forgotten passord functionality.
Is there some standard functionality that gives this? For example is it included in ASP.Net MVC2, and will that run on the current version of Azure?
If there is standard functionality for this, where will the data be stored? Is Azure SQL a requirement.

Have a look at the standard asp.net MembershipProvider and RoleProviders, you can use these out the box, or created custom providers to implement this functionality using your own storage/architecture.

Related

Azure Logic App - Built In vs Managed connectors

Apologies if this is a silly question but for the last 2 hrs. I have been reading about the difference between built-in and managed connectors for Azure logic apps and it's driving me crazy. Can someone please explain in simpler language? Initially, I thought built-in connectors are for Azure services like Azure function or table storage whereas managed are for Microsoft services like O365 & Sharepoint, but after going through the list of connectors on Microsoft documentation, its not true.
Is this tenant based? For example, built-in connector will only allow connecting to azure services in that tenant but if we need to connect to an Azure service in a different tenant, we need managed connector. Even if this is true, how can something like SMTP be an inbuilt connector?
Is the difference on the basis of authentication? The mechanism to authenticate is different for built-in / managed
I think there are some differences between the two under the hood regarding how they are hosted, but I don't know how much difference that makes for you as a user. You can read a bit more here.
However, the main difference that I have noticed and that makes me prefer the built-in connectors (when applicable) is how you can set up the authentication. Especially when trying to set up CI-CD for Logic Apps (and devloping locally in VS Code) this makes a big difference. For the managed connectors, a managed api connection is created in the portal and it's a nightmare trying to parameterize that when developing in VS Code and incorporating that to Devops-pipelines.
Built-in connectors run in the same platform where your logic apps is hosted whereas Managed connectors are hosted in public cloud. When you use built-in connectors the information configured for the connector will not be sent to public cloud for processing it will run natively in your Logic Apps. This makes it more secured. There are many differences for example authentication method, api connection file, and many more.

In Azure, how to create Web application which will capture user information mostly a normal Web Form for 300 users and Create Dashboards

My Requirement is
Capture the user information e.g. name, id, email id, etc. which currently Im capturing through the excel sheet by sending the sheet to everyone. I want to automate this in Azure by creating a simple web application.
Store the information in a DB or storage.
Create Graphs and dashboards. Update the dashboards automatically as and when the informrtaion gets added/updated.
Provide users access to the Web application(Front-end) forms only.
Allow users to update the information they provided as and when needed.
Allow application access using Azure AD
What are the possible simple solutions available in Azure with minimal cost.
Thanks,
Yogesh
Have a look at https://learn.microsoft.com/en-us/azure/app-service/tutorial-dotnetcore-sqldb-app?pivots=platform-windows which is a quick start tutorial that uses https://github.com/azure-samples/dotnetcore-sqldb-tutorial. It outlines creating an application and storing in an Azure SQL DB. By using .NET Core, you can leverage either Windows or Linux app service plan which opens your options as far as pricing goes. In the repo, you can modify Todo.cs to match your user information requirements.
For allowing application access using Azure AD, have a look at https://learn.microsoft.com/en-us/azure/app-service/tutorial-auth-aad?pivots=platform-windows.
You can get started easily by using a Free tier app service plan and either basic or general DTU or v-Core Azure SQL Database pricing.

What is the best practice for updating an already existing web app deployment using ARM?

My company developed an Azure Resource Manager-based solution that deploys a set of resources (essentially a Storage, SQL DB and Web App), and it is already implemented as our provisioning process for new customers.
However, we are now studying the best way to perform updates, and one of the hypotheses we are considering is having a specific template that updates the binaries of this application.
The idea is to have a separate template, that only has the web app, an app host and a MSDeploy resource that gets the latest version of our package and reuploads it to that web app.
The only problem I'm seeing with this solution is the ability to handle any changes in configuration that are necessary with newer version of the binaries - we do not want users to have to re-input any parameters they placed for the original deploy (done via a Deploy To Azure button), so, any configurations will have to be performed within the application - the plan is for it to use the Microsoft.WindowsAzure.Management.WebSites library.
The major limitation with using Microsoft.WindowsAzure.Management.WebSites is that you are restricted to authenticating with either a certificate or a service principal. Ideally we would like to find a way for the updates to not need any authentication other than the one you provide when you are deploying the update.
Is there any recommendation of best practices to follow for this kind of scenario?
Thank you.
Link to the equivalent discussion on TechNet
It is possible to update only via ARM templates.
For example connection strings can be added automatically to the application settings even when creating the dependent resources themselves.
Ex. Account storage connection string.
Only first time creation of your web sites will take a bit more time, something like 30 sec.
ARM will not destroy your WebApps if they exist already. it will update only.
If there are no changes, then the deployment is very fast.
If your changes require a new Appsettings parameter, you can enter it in ARM , check in to your repository.
and next deployment will pick up and update the WebApp.
So no need for anyone to log-in and update.
Our final decision was to give up on using ARM exclusively. The Service Principal solution, through the SDK, would allow us to use a Web Job or a Site Extension to perform (automatic or prompted) updates that included configuration changes. However, it would require "too many" privileges - why would a customer trust an application that can, at will, create new resources or update existing ones to increase his Azure bill?
The decision was made to utilize Powershell only for updates - if the customer can see the scripts and authenticate himself, this is not a concern. Sadly, this increases update complexity, but we found it to be a necessary evil.

how to write a cloud-based Active directory .NET application

I work for a network management company and I want to write a .Net application (MVC 4) that will allow us to service Active Directory users from a cloud-based application.
As I have never written a cloud-based app, I don't know if I'm using that term correctly or not. I am in the requirements gathering stage. Basically, I'd like to provide our customers with the ability, for example, to change their own password using our cloud-based application.
is this an application that should be written specifically using Azure? If not, what tools and platform(s) should I take into consideration?
What tutorials or other resources are available ?
Actually, I don't even know enough about Active Directory and Cloud computing to ask the right questions. But, I hope someone will point me in the right direction
Read How to Authenticate Web Users with Windows Azure Active Directory Access Control. There are great walk-throughs there. There is more reading and code samples here - Access Control Service 2.0.
That's using ACS.
You could go direct to Azure Active Directory if you wished?
Refer: Adding Sign-On to Your Web Application Using Windows Azure AD.
If you use Office 365, you already have an AAD tenant.

How do you create an Azure deployable WebRole that use LiveId and Access Control Service

I need some help with creating a simple WebRole that uses federated authorzation/authentication with LiveId and the Access Control Service. I'm able to get it working with a local test ASP.NET application, but can't seem to find any information on the steps necessary to do this with a Web Role that can be deployed to Azure. The only information that I've found is to handle this scenario using a custom STS and the ACS or just LiveID, but nothing that demonstrates using both together.
Is there currently a limitation with Azure that prevents this? I've read some articles that seem to indicate it isn't currently possible due to the Geneva Framework not being fully implemented on Azure - can anyone confirm?
Thank you very much for any help!
You may find this resource useful - http://code.msdn.microsoft.com/wifwazpassive. It shows how to use ACS in an Azure Webrole. It does use a custom STS, not LiveID, but given that it's using Geneva framework components it should be possible to make it work with LiveID.

Resources