Skip to content

Commit 5064104

Browse files
cephalincephalin
committed
update MSI tutorial
1 parent 18db885 commit 5064104

File tree

1 file changed

+7
-30
lines changed

1 file changed

+7
-30
lines changed

articles/app-service/app-service-web-tutorial-connect-msi.md

Lines changed: 7 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ description: Learn how to make database connectivity more secure by using a mana
44

55
ms.devlang: dotnet
66
ms.topic: tutorial
7-
ms.date: 11/18/2019
7+
ms.date: 04/27/2020
88
ms.custom: mvc, cli-validate
99
---
1010
# Tutorial: Secure Azure SQL Database connection from App Service using a managed identity
@@ -19,8 +19,8 @@ When you're finished, your sample app will connect to SQL Database securely with
1919
> [!NOTE]
2020
> The steps covered in this tutorial support the following versions:
2121
>
22-
> - .NET Framework 4.7.2
23-
> - .NET Core 2.2
22+
> - .NET Framework 4.7.2 and above
23+
> - .NET Core 2.2 and above
2424
>
2525
2626
What you will learn:
@@ -99,7 +99,7 @@ The steps you follow for your project depends on whether it's an ASP.NET project
9999
In Visual Studio, open the Package Manager Console and add the NuGet package [Microsoft.Azure.Services.AppAuthentication](https://www.nuget.org/packages/Microsoft.Azure.Services.AppAuthentication):
100100

101101
```powershell
102-
Install-Package Microsoft.Azure.Services.AppAuthentication -Version 1.3.1
102+
Install-Package Microsoft.Azure.Services.AppAuthentication -Version 1.4.0
103103
```
104104

105105
In *Web.config*, working from the top of the file and make the following changes:
@@ -134,7 +134,7 @@ Type `Ctrl+F5` to run the app again. The same CRUD app in your browser is now co
134134
In Visual Studio, open the Package Manager Console and add the NuGet package [Microsoft.Azure.Services.AppAuthentication](https://www.nuget.org/packages/Microsoft.Azure.Services.AppAuthentication):
135135

136136
```powershell
137-
Install-Package Microsoft.Azure.Services.AppAuthentication -Version 1.3.1
137+
Install-Package Microsoft.Azure.Services.AppAuthentication -Version 1.4.0
138138
```
139139

140140
In the [ASP.NET Core and SQL Database tutorial](app-service-web-tutorial-dotnetcore-sqldb.md), the `MyDbConnection` connection string isn't used at all because the local development environment uses a Sqlite database file, and the Azure production environment uses a connection string from App Service. With Active Directory authentication, you want both environments to use the same connection string. In *appsettings.json*, replace the value of the `MyDbConnection` connection string with:
@@ -143,33 +143,10 @@ In the [ASP.NET Core and SQL Database tutorial](app-service-web-tutorial-dotnetc
143143
"Server=tcp:<server-name>.database.windows.net,1433;Database=<database-name>;"
144144
```
145145

146-
In *Startup.cs*, remove the code section that you added before:
147-
148-
```csharp
149-
// Use SQL Database if in Azure, otherwise, use SQLite
150-
if (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == "Production")
151-
services.AddDbContext<MyDatabaseContext>(options =>
152-
options.UseSqlServer(Configuration.GetConnectionString("MyDbConnection")));
153-
else
154-
services.AddDbContext<MyDatabaseContext>(options =>
155-
options.UseSqlite("Data Source=localdatabase.db"));
156-
157-
// Automatically perform database migration
158-
services.BuildServiceProvider().GetService<MyDatabaseContext>().Database.Migrate();
159-
```
160-
161-
And replace it with the following code:
162-
163-
```csharp
164-
services.AddDbContext<MyDatabaseContext>(options => {
165-
options.UseSqlServer(Configuration.GetConnectionString("MyDbConnection"));
166-
});
167-
```
168-
169146
Next, you supply the Entity Framework database context with the access token for the SQL Database. In *Data\MyDatabaseContext.cs*, add the following code inside the curly braces of the empty `MyDatabaseContext (DbContextOptions<MyDatabaseContext> options)` constructor:
170147

171148
```csharp
172-
var conn = (System.Data.SqlClient.SqlConnection)Database.GetDbConnection();
149+
var conn = (Microsoft.Data.SqlClient.SqlConnection)Database.GetDbConnection();
173150
conn.AccessToken = (new Microsoft.Azure.Services.AppAuthentication.AzureServiceTokenProvider()).GetAccessTokenAsync("https://database.windows.net/").Result;
174151
```
175152

@@ -228,7 +205,7 @@ In the Cloud Shell, sign in to SQL Database by using the SQLCMD command. Replace
228205
sqlcmd -S <server-name>.database.windows.net -d <db-name> -U <aad-user-name> -P "<aad-password>" -G -l 30
229206
```
230207
231-
In the SQL prompt for the database you want, run the following commands to add the Azure AD group and grant the permissions your app needs. For example,
208+
In the SQL prompt for the database you want, run the following commands to grant the permissions your app needs. For example,
232209

233210
```sql
234211
CREATE USER [<identity-name>] FROM EXTERNAL PROVIDER;

0 commit comments

Comments
 (0)