Base solution for your next web application

Activities of "Loizos"

Hi @oguzhanagir

Thank you!

Hi @ismcagdas

Thanks for the reply!

I am just looking for the way to create a new module (project) in order to have all third party APIs implementation there (including many third party libraries) and not to tight the domain layer, hence be able to update asp.net zero easily as well.

Can I create this new module and add reference to .Core (domain) library? Is there any sample code on how to create new module?

Thanks, Loizos

Hi @ismcagdas

Any update on this?

Thanks

Hi @ismcagdas

So which project one exactly is the Web layer? Do you mean the ...Web.Core? Can you elaborate more on this why is it better than application layer?

Also please have in mind that we are going to have some business logic inside this code and also maybe an implementation of a factory pattern so that to instantiate the correct remote/third party API call each time. Isn't that goes to domain layer? That's why the confusion.

Loizos

Version 13.0.0, Angular 17, .NET 8

Hi Support,

Please advise on how to approach below case.

We have some third party APIs we have to call throughout our main ASP.NET zero application, however requires addition of NuGet packages, authentication keys, client certificates, etc.. so I wouldn't like to tight ASP.NET zero by just creating a domain service under .Core project and add all these extra requirements...

What is the best approach to handle this?

Do I have to create separate project (logical separation) inside the same solution to handle all this new functionality? If yes what would be the connection/references with the other projects?

Do I have to create a standalone API (physical separation) that will handle this functionality? In that case how do I consume it through my ASP.NET zero application so that to use same authentication/authorization?

Thank you in advance!

Loizos

Answer

Hi Ismail,

Thanks for the answers.

WAF - we mean a Web Application Firewall on Azure (https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview)

Basically a proposed security architecture to us is to deploy a WAF in front, then an API-Manager (both in DMZ) and then ASP.NET zero solutions (internal network).

We know that you already support a number of social and external logins/authentication, however, the question is if possible to configure ASP.NET zero so that authentication is done by any of these two (WAF or API-Manager).

Thanks, Loizos

Question

What is your product version? 12.1.0 What is your product type (Angular or MVC)? Angular 15 What is product framework type (.net framework or .net core)? .NET7

Hi support,

We are deploying our Application to Azure. We have a WAF protecting both the Application and the API service. These services are hosted on separate machines with a shared database. The WAF will do TLS termination.

We understand that JWT tokens is used as the authentication mechanism. However, we’re a little unclear on how the JWT token is used when accessing the API service. We are assuming the following scenario – are we correct please?

  1. User accesses web application a. one-way TLS between the application and the WAF gives us an encrypted connection – i.e. the user is not authenticated to the WAF. b. user authenticates to the web application (username/password) and the web app returns JWT token.

  2. User then calls the API service (which is on another machine) a. We assume that the JWT token has to be sent with the request to the API service? b. JWT authentication is then done at the API service i.e. authentication is done by the back-end machine?

Questions:

  1. Do you have a basic design diagram showing the above interactions?

  2. Can we configure the JWT service ?

  3. Where is the JWT token stored? (we assume the shared DB?)

  4. We would prefer it if the authentication was done nearer to the WAF and taken off the back-end service. We are considering an API-Manager between the WAF and the API service. a. Is it possible to configure our solution so that the JWT is handled by the API-Manager and not ASPNetZero? b. Do you have any examples of this architecture or do you think that this is not a good idea?

Thanks! Loizos

What is your product version? 12.1.0 What is your product type (Angular or MVC)? Angular 15 What is product framework type (.net framework or .net core)? .NET7

Hi support,

We are experiencing problems with login in (invalid user name or password) with host admin & default tenant admin users. Basically after upgrade to 12.1 we couldn't login to default tenant, we tried to impersonate host admin for this, it worked ok but then we realized that we cannot login to host admin. Something is completely messed up. Please advise!

Regards, Loizos

Hi @ismcagdas

No it's not an intranet app, will be fully exposed on internet. So, from security perspective is it enough to deploy both front & back ends behind a secure (HTTPS) port?

Thanks, Loizos

What is your product version? 11.4.0 What is your product type (Angular or MVC)? Angular 14 What is product framework type (.net framework or .net core)? .NET6

Hi support,

I would like to ask for some security recommendations on how to best expose front-end (Angular) and back-end web API on production environment. We know that due to it's an SPA application, both the front-end and back-end need to be accessible from the client side, but is it a good practice to deploy both in a DMZ zone? Is it secure? Please advise.

Thank you in advance!

Loizos

Showing 1 to 10 of 31 entries