Introduction

One of the requirements when building a business application, which may give access to private business data, is that only authenticated employees or agents be able to see that data. So how can you use Azure Maps in combination with authentication and authorization to ensure only the people that should be allowed have access?

Our Azure Maps docs describe in detail many different authentication scenarios but the complexity can make it seem difficult to implement. This blog post will focus on our most requested authentication scenario for Azure Maps. Use the following step by step guidance to have a .NET web application embedded Azure Maps web control where only authenticated users can see the website and use the map.

What is Azure Application Gateway?

Azure Application Gateway is a reverse proxy with optional WAF (Web Application Firewall) capability to allow incoming connections from external sources. The Gateway operates at Layer 3, 4, and 7 for IP-based, TCP/UDP-based, URL-based, and Host Header-based routing.

When to use the Application Gateway?

Microsoft has multiple services to protect and accelerate your applications; they are used for different scenarios, depending on where your users are:

Introduction

Azure Key Vault is a managed service that offers enhanced protection and control over secrets and keys used by applications, running both in Azure and on-premises.

The Basics

Service Tiers

Azure Key Vault is currently offered in two service tiers: Standard and Premium. Key Vault in Standard tier is limited to secrets and software-protected keys, while Key Vault in Premium tier additionally supports keys stored in Hardware Security Modules (HSMs) and are FIPS 140-2 Level 3 validated.

Today, when a website does not have an SSL/TSL certificate, web browsers give you a warning not secure. This warning not only scares people but also gives you a disadvantage in search engine ranking. On Azure, web sites have a default https-enabled URL, like https://sitename.azurewebsites.net/, but when you have a vanity domain configured, you are missing this secure connection. Luckily there are some free SSL/TLS certificate options to explore.

Let’s Encrypt

Wait, there is Let’s Encrypt, its free! Why are you not using this excellent service? Yes, that is true, but there are some downsides to use Let’s Encrypt (on Azure), like:

Microsoft provides for most Azure services an Service Level Agreements (SLA), where you can find the availability for that services. The availability has a rage from 99.9% to 100% or no range at all (for some free services).

“We guarantee that 99.95% of the time, the Azure … Service will successfully receive and respond to …”

The SLA describes Microsoft’s commitments for uptime and connectivity. It is also somewhat guaranteed, i.e., it is backed financially. It shows Microsoft will refund you when it fails the SLA, but it doesn’t back your business.

There are many libraries and services to generate PDF files for asp.net core web applications. There are excellent commercial solutions out there, but if you need a free solution, it gets harder. Some libraries are hard to use, or others are limited in functionality. I need a free, easy to use, and quick solution to generate PDF files on an Azure Web App.

Can a View retrun a PDF?

What I need is a View that returns a PDF and not HTML what it usually does. The beauty of using a standard View is that I can use my web and asp.net core knowledge to design the View. In this case, I need to generate invoices.

Most websites don’t need a dynamically generated page for every visitor; it is slow, expensive, and requires continuous updates to be secure. A static site is fast and reliable. I hear you thinking; this is old school, most websites are interactive and are using a CMS in some kind to manage their content.

Headless CMS

The solution for a static website is to make use of a headless CMS, like Hugo or Jekyll. Basascly, you generate a static site from content and a template, similar to what this blog is doing.