I'm having some trouble accessing the AWS credentials in the SDK Store, but it seems to only be a problem when running under IIS. If I hit the same code by invoking an NUnit test with ReSharper the dependency injection works and the S3 client is able to authenticate.
IAmazonS3 s3Client = new AmazonS3Client();
Has anyone else run into this problem? How were you able to get the dependency injection to work?
[Edit]
The credential file approach has been recommended for use with IIS because the SDK Store encrypts the credentials differently for each user. I can only get a credentials file to work if I hard-code the path in the appSettings which I do not want to do.
Where would the SDK look for the credentials file besides the below paths?
C:\Users\<IIS_app_name>\.aws\credentials
C:\Users\<my_domain_user>\.aws\credentials
The question was answered under Pavel's answer, but I'll post an answer to make the information easier to consume. You can specify the credentials file location in the webLocal.config (I wasn't able to get it to work without that). When the app is deployed, the credentials file location will be an invalid path, and the SDK will fail over to using the IAM role for the EC2 instance.
webLocal.config
<?xml version="1.0"?>
<appSettings>
<!-- AWS -->
<add key="AWSProfilesLocation" value="C:\Users\<IIS_app_name>\.aws\credentials" />
<add key="AWSRegion" value="us-west-2" />
<add key="S3Bucket" value="bucket." />
</appSettings>
The dependency injection will work when you instantiate a client without arguments.
IAmazonS3 s3Client = new AmazonS3Client();
The SDK Store saves the credentials under the C:\Users\<username>\AppData\Local\AWSToolkit folder, so unless IIS is being run under the same account as the NUnit tests, IIS will not be able to access the same credentials.
This blog discusses the various options for storing and using credentials. In your case, it looks like a better option would be to use the credentials file.
Related
I am trying to connect to Azure Active Directory from an ASP.NET application. I am following this article by Microsoft to write the code:
https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-aspnet-webapp#prerequisites
Below are my values I am putting in the application:
<add key="ClientId" value="XXXXXXXXXX" />
<add key="Tenant" value="XXXXXXXXXXXXXXXXXXXX" />
<add key="Authority" value="https://login.microsoftonline.com/{0}/v2.0" />
<add key="redirectUri" value="https://localhost:5000/" />
For my redirect URI, I use https://localhost:5000/. This is what I configured in my App registrations in the Azure portal. When I run my application, I get this error:
When I change the redirectUri to https://localhost:44368/ then I can see the Microsoft login and Microsoft accepts the userId too, but I get an error after inputting my password saying :
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:
Any help will be highly appreciated.
The error says it all. You have to check in App Registrations > Manage > Authentication > Redirect URL and see if the URL https://localhost:44368/ is configured there or not. If its configured, you will be able to get the required response for sure.
I have this custom section in my web.config
<defaultUserAccounts>
<userAccount email="x#x.com" password="xxx" />
<userAccount email="y#y.com" password="yyy" />
</defaultUserAccounts>
I host my web app on Azure and I want to be able to add new userAccount in the Azure App Settings.
I tried with:
defaultUserAccounts.userAccount.email / z#z.com
defaultUserAccounts.userAccount.password / zzz
OR
defaultUserAccounts:userAccount:email / z#z.com
defaultUserAccounts:userAccount:password / zzz
But it doesnt work. I can read the web.config custom section in localhost, but not when the app is hosted.
Could you help me?
You can only write the app settings using the management API of Azure. See here for an example using the Fluent SDK. Otherwise the settings are read-only from within the app.
https://stackoverflow.com/a/50116234
If you don't want to configure app setting in the Configuration you could follow this tutorial:Configure app settings configure it under tag <appSettings> in Web.config, but the values in App Service override the ones in Web.config.
The below is my test:
And use System.Configuration.ConfigurationManager.AppSettings["testkey"] to get the value, the below page is get the value with host in Azure.
Hope this could help you.
I've been working on a project to move all of our applications to use external .config files to store connection strings so they are no longer kept in source control. As part of this, we are now encrypting these connection strings on deployment.
web.config
<connectionStrings configSource="ConnectionStrings.config"/>
ConnectionStrings.config
<connectionStrings>
<add name="MyDatabase" connectionString="MyConnectionString" providerName="System.Data.SqlClient">
</connectionStrings>
This is an application that I had to update from .NetFramework 4.0 to .NetFramwork 4.7.2 due to restrictions on our build server.
To encrypt the connection strings I have been running the following command (on the web server) for all of our applications thus far with no issue. Several of these were framework upgrades as well. Note: we give each of our web apps their own app pool.
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe" -pe "connectionStrings" -app "/MyApplication" -site "Default Web Site"
Every site so far has worked without issue in all of our environments. Now this most recent one, when encrypted, causes an infinite redirect loop with the same error each loop of
Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened.
If I go to the server and run the command line to decrypt, it succeeds and the app functions properly. I'm baffled and non of my coworkers have any idea either. I know it has to be something specific to this one application but I don't know where to begin. It is an old app that I didn't even work on and know nothing about. I've looked through numerous pages of similar RSA complaints but none of them seem to be this specific issue. And yes I am able to replicate this on multiple servers and even on my own machine.
I'm currently working on a .net core application that uses a azure service bus queue.
We are restricted to using AMQP over websockets and are behind a corporate proxy.
The QuietClient class does not provide anyway to set proxy information in any of it's constructors and we get a
"Cannot connect to remote server" error when we attempt to write a message to the queue.
The exact same code works when I use it from home - not behind a proxy!
In regular .net bypassing a proxy could be achieved by adding to default proxy configuration in the web.config.
<defaultProxy enabled="true" useDefaultCredentials="false">
<proxy usesystemdefault="True" proxyaddress="http://someAddredd:8888" />
......
</defaultProxy>
Because this is a .net core application the app doesn't use a web.config file for it's configuration.
When deployed to IiS a light weight web.Config file is created to allow the IIS to integrate with core's kestrel web server. However, adding the bypass proxy info to this does not work.
Any help would be much appreciated!
The deployment requirements for my app (a windows service written in C#) state the presence of a Proxy server.
From my interaction with the person who will install my app:
1. His company blocks access to internet via the proxy
2. He needs to provide the path to the proxy script in his IE Config.
3. He also needs to input a user-name/password.
My application needs to access a publicly hosted WebService. In preparation, I sent him a test Winform app. In the app.config file I used the setting mentioned in this post .NET client app: how to reach Web Services in case of proxy?
However, it did not work. I customized the proxy setting in App.config as per his IE settings, yet nothing seemed to work.
I don't want to hard-code the proxy settings in my app using the System.Net classes. There is no doubt in my mind that I want to use the config file.
So, I want to install a proxy on a VPC image and try and get my application to run.
My question:
1. What is a good proxy that I can install on my VM (windows only - no linux/squid pls.) that will replicate the behaviour that I mentioned in 2 & 3 above.
2. In case it is of interest, the proxy settings I used was:
<system.net>
<defaultProxy >
<proxy usesystemdefault= “False“ proxyaddress=“http://10.1.10.10:8080“ bypassonlocal=“True“ />
</defaultProxy>
</system.net>
Assuming that the system will read the settings from IE, I also tried
<proxy autoDetect="true" />
It did not work.
Pls. let me know if my requirements are unclear.
The open source squid proxy has Windows binaries.
If you have a Windows Server OS in you VPC, you could try out Microsoft's very own ISA Server. There's a 180-day trial version here.