Adding a proxy to any application on IIS

In a corporate environment, there is often a need for a web application on asp.net to realize the ability to log out through a proxy server (even with authorization) to download this or that information.

For example:

Implemented software requires downloading some information from a web resource at the application server level.
When hosting any CMS, the ability to connect the application to the repository of developers for downloading themes, plug-ins, etc. is required. (some CMS are not installed at all without prior authorization on the server side of the developers)
In SharePoint, there are many services that require a direct connection to Microsoft sites (for example, connecting to office.com to install external applications)

Consider 2 situations, focusing on the MSDN article:

1) Corporate proxy does not require authorization

In the web.config we add the section defaultProxy with the indication of the proxy server.
')

More + code

Make sure that you add this section to the configuration section and also after the subsection configSections, if present. For the proxyaddress parameter, specify the correct address of your proxy.

<configuration> <system.net> <defaultProxy useDefaultCredentials="true"> <proxy proxyaddress="http://proxyserver:80" bypassonlocal="true" /> </defaultProxy> </system.net> </configuration>

2) Corporate proxy requires authorization

2.1) We authorize the server (the cardinal approach is not always convenient and less secure). This option uses the same settings in web.config as in 1), but it is also necessary for proxy administrators to provide access to the server by its ip address for certain web links or the entire Internet. Note that it is often very difficult to determine which links the CMS or the SharePoint server is trying to access.

2.2) Authorization module for web application

If you pay close attention to the same article in MSDN, then for the defaultProxy section you can specify an additional subsection module .

This is a very important section that allows you to create your ( easily embedded ) access code to the proxy server. There is no need to edit the code of the application itself.

More + code + pictures

In visual studio, create a new library MyCorpAssembly.dll net 2.0 (to run in old sites) :
Rename the class to MyCorpProxy :

Add the following code: Do not forget to specify your own lines for "user", "password", "domain" and " my.proxy : 8080". In this example, the password is stored in clear text, but you can receive and store it in any secret way.

It is also better to create a service, domain record for authorization.

 using System; using System.Collections.Generic; using System.Net; using System.Text; namespace MyCorpAssembly { public class MyCorpProxy : IWebProxy { public ICredentials Credentials { get { return new NetworkCredential("user", "password","domain"); } set { } } public Uri GetProxy(Uri destination) { return new Uri("http://my.proxy:8080"); } public bool IsBypassed(Uri host) { return false; } } }

Sign the library with your key:
Compile and put the resulting MyCorpAssembly.dll into the bin folder of the site

Add a new section of defaultProxy to the site’s web.config:

  <system.net> <defaultProxy enabled="true" useDefaultCredentials="false"> <module type = "MyCorpAssembly.MyCorpProxy, MyCorpAssembly" /> </defaultProxy> </system.net>

You can restart the IIS application and check the availability of external resources.

I think the same functionality can work for applications written on .net, but I did not check.

Just in the folder next to the application, you need to create the AppName.exe.Config file and add the section defaultProxy

Source: https://habr.com/ru/post/278453/

All Articles

Adding a proxy to any application on IIS

Consider 2 situations, focusing on the MSDN article:

1) Corporate proxy does not require authorization

2) Corporate proxy requires authorization

2.2) Authorization module for web application

More articles: