rmmcgr
commented
1 year ago Ok, as an update, found adding the following to the constructor of the DB context stopped the prompt opening in another browser window:
var connection = (Microsoft.Data.SqlClient.SqlConnection)Database.Connection;
var credential = new Azure.Identity.DefaultAzureCredential();
var token = credential.GetToken(new Azure.Core.TokenRequestContext(new[] { "https://database.windows.net/.default" }));
connection.AccessToken = token. Token;Taken from instructions at https://learn.microsoft.com/en-us/azure/app-service/tutorial-connect-msi-sql-database?tabs=windowsclient%2Cef%2Cdotnet#3-modify-your-project and slightly modified (the cast for the connection variable is now Microsoft.Data.SqlClient.SqlConnection, not System.Data.SqlClient.SqlConnection).
Also modified the connection string as per the above tutorial to be server=tcp:myservername.database.windows.net;database=mydatabasename
ErikEJ
As part of a migration project, I am moving our full-framework ASP.NET MVC application to ASP.NET Core (on .NET 7).
We can't migrate to EF Core and will continue for now with EF 6.4.4.
Under the old framework on .NET 4.8, we were using AAD authentication with system assigned managed principals.
To try and replicate this in the migrated project, I have installed the package ErikEJ.EntityFramework.SqlServer (version 6.4.4).
The DB context has been decorated with the attribute
[DbConfigurationType(typeof(MicrosoftSqlDbConfiguration))]When I attempt to run locally under Visual Studio a new browser tab opens prompting me to authenticate (and as I am logged in already because of other applications - like Office 365 - I can see my login in the list).
Clicking on the correct account in the list then shows an almost blank page with just the text "Authentication complete. You can return to the application. Feel free to close this browser tab.". The application running in the alternate browse tab is now running.
I've also noticed in the list of logins to choose from, there is one called "Any String".
The connection string that I was using under the full-framework project (and that I have continued to use) has the following format:
server=tcp:myservername.database.windows.net;database=mydatabasename;UID=AnyString;Authentication=Active Directory Interactive;Connection Timeout=3000;Is the form of the connection string wrong? Or is there something else I need to do?
My understanding was that when running under VS, it should use the VS logged in user as the account to authenticate the database with. Obviously when deployed to Azure App Service, we will have provided rights to the DB for the system assigned managed principal of the app service.
I don't understand why the authentication prompt is opening in another browser tab.
Thanks for any help/advice.