Using Azure Table Storage as ADAL token cache

Outline: In this post I will talk about the possibility to replace a SQL Database as the ADAL token cache in the default Visual Studio ASP.NET MVC Template. The replacement data store will be Azure Table Storage.

On a recent project we were using an ASP.NET MVC website to present data located in Azure Table Storage. The application was using Azure Active Directory for its authentication.

When you create an ASP.NET MVC site and add Azure Active Directory for authentication, the template adds a connection string for a database that is used for ADAL token caching.

When you deploy this to an Azure Website you will need to use an Azure SQL Database. Using LocalDb in Azure is not possible. (The Publish tool in Visual Studio guides you in this.)

After deploying this to Azure for the first time we ended up with two storage backends: Azure SQL Database (for authentication) and Azure Table Storage (for the real business data). As the SQL Database was only used for the ADAL tokens, we wanted to get rid of it because of the extra cost in Azure.

As we were already using Table Storage, we decided to go with that.

From Azure SQL to Azure Table Storage

  • Add the Windows Azure Storage NuGet package to your solution
  • Set up a storage account and add the connection configuration to your web.config
  • Add your custom AdalTokenCache implementation. Remove “AdalTokenCache.cs” and “ApplicationDbContext.cs”
  • Use it in “Startup.Auth.cs” and “UserProfileController.cs”:

    AuthenticationContext authContext = new AuthenticationContext(Authority, new TableTokenCache(signedInUserID));

A complete working sample can be found on GitHub: https://github.com/joenmaes/TableTokenCacheSample
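
A sketch of what such a TableTokenCache can look like, added here as an example; it is not the code from the GitHub sample above. It keeps the MachineKey protection that the template's SQL-backed cache applies, so the tokens are not stored in clear text in the table. The entity class, the appSettings key "StorageConnectionString" and the table name "AdalTokenCache" are assumed names.

```csharp
using System.Configuration;
using System.Web.Security;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.WindowsAzure.Storage;
using Microsoft.WindowsAzure.Storage.Table;

// Hypothetical entity: one row per user, holding the protected cache blob.
public class TokenCacheEntity : TableEntity
{
    public TokenCacheEntity() { }
    public TokenCacheEntity(string userId) : base("TokenCache", userId) { }
    public byte[] CacheBits { get; set; } // a binary property holds at most 64 KiB
}

public class TableTokenCache : TokenCache
{
    private const string Purpose = "ADALCache";
    private readonly string userId; // assumed free of characters that are invalid in a RowKey
    private readonly CloudTable table;
    public TableTokenCache(string signedInUserId)
    {
        userId = signedInUserId;
        var account = CloudStorageAccount.Parse(ConfigurationManager.AppSettings["StorageConnectionString"]);
        table = account.CreateCloudTableClient().GetTableReference("AdalTokenCache"); // assumed names
        table.CreateIfNotExists();
        BeforeAccess = args => Load();                           // re-read before ADAL uses the cache
        AfterAccess = args => { if (HasStateChanged) Save(); };  // persist only when ADAL changed it
    }
    private TokenCacheEntity Find() => (TokenCacheEntity)table.Execute(
        TableOperation.Retrieve<TokenCacheEntity>("TokenCache", userId)).Result;
    private void Load()
    {
        var row = Find();
        // Unprotect throws CryptographicException if the stored blob was altered.
        Deserialize(row == null ? null : MachineKey.Unprotect(row.CacheBits, Purpose));
    }
    private void Save()
    {
        // Tokens are bearer credentials: encrypt and sign them before they leave the process.
        var row = new TokenCacheEntity(userId) { CacheBits = MachineKey.Protect(Serialize(), Purpose) };
        table.Execute(TableOperation.InsertOrReplace(row));
        HasStateChanged = false;
    }
    public override void Clear()
    {
        base.Clear();
        var row = Find();
        if (row != null) table.Execute(TableOperation.Delete(row)); // drop the stored tokens as well
    }
}
```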

Creating a Logic Apps Singleton Instance

Since the release update of 2016-11-18, we can mark a Logic App trigger as “Singleton”.

This results in a Logic App that runs as only one instance at a time. To be more precise: the trigger will not fire until the previous instance of the Logic App has fully completed.

A trigger that was skipped because an instance was still running will result in a “WorkflowRunInProgress” code.

Marking a trigger as singleton

Currently it is not possible to mark a trigger as singleton in the designer. You need to switch to code view and add the following at the same level as the recurrence property.

"operationOptions": "SingleInstance",

As soon as you save, the setting will become active and your Logic App will run as a singleton.

BizTalk 2013R2 SB-Messaging: The X.509 certificate CN=servicebus.windows.net is not in the trusted people store.

The Problem:

After configuring a brand new BizTalk 2013R2 production environment and requesting the needed firewall exclusions from the security department, we were unable to send messages to Azure ServiceBus using the SB-Messaging adapter in BizTalk 2013R2 (using ACS authentication). We found the following warning in the EventLog:

The adapter “SB-Messaging” raised an error message. Details “System.ServiceModel.EndpointNotFoundException: The X.509 certificate CN=servicebus.windows.net is not in the trusted people store. The X.509 certificate CN=servicebus.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.

The Solution:

Thanks to this post on StackOverflow I was able to fix the problem by “auto installing” the missing certificate.

The following steps solved our problem:

  1. Configure the company web proxy needed for internet connectivity on the server used by BizTalk for ServiceBus connectivity
  2. Use a .NET console test application to send/receive a dummy message to an Azure ServiceBus test queue
  3. Remove the web proxy config
  4. Repeat on every server
  5. Test using the BizTalk SB-Messaging Adapter

After using the console test application, we got the following info message in the eventlog:

A small side note regarding the .NET console test application: make sure you use the “AutoDetect” connectivity mode:

ServiceBusEnvironment.SystemConnectivity.Mode = ConnectivityMode.AutoDetect;