locked
Restricting access to Azure web role RRS feed

  • Question

  • I've deployed RavenDB to Azure and run it under IIS in one web role.

    Now I would like to restrict access to it to either another web roles / worker roles or certain admin users.

    What are the possible options and their pros and cons?

    Here's what I've managed to find out up to now:

      • I know that RavenDB supports Windows authentication, but I've read that it's difficult to use it in Azure. Is it possible to create a local user on web role start up?

      • Can I somehow use Azure ACL to restrict access to the RavenDB web role?

      • Should I use certificates?

      • Should I start reading about federated identity?

      • I don't think I can restrict access by IP as I want to be able to create new roles and also access db role from the internet.

    I would prefer a solution that wouldn't stop / hider me from spinning up new instances of web / worker roles that need to talk to my db role.

    PS. I post the same question on SO: http://stackoverflow.com/questions/12611585/restricting-access-to-azure-web-role


    Thursday, September 27, 2012 10:50 AM

Answers

  • I am not familiar with RavenDB. But if it supports ASP.NET membership, then the simplest solution is to use membership. Please configure an administrator account and store the information in the membership database. If membership is not supported, consider to build your custom database table to store such information, and then use forms authentication.
    Friday, September 28, 2012 7:55 AM