Simple forms-based web app authenticated against Azure AD - Need advice re framework / tools to use

New Contributor

We have a need for a simple forms-based application that fronts SQL Server data, but this one needs to be secure.  And we also need to support named users from outside the firm.  It seems like a .NET web application is what we're looking for, with Azure AD as our source of authentication.

 

But as a novice .NET programmer, I find it confusing trying to sort through all the advice and tutorials and best practices out there, many of which are not dated.  Much of the advice seems out of date or inappropriate with today's technology.  We're planning to use C# and .NET 6 for this project and have Visual Studio Enterprise for development.  We'd like to get off on the right foot and use current technology and techniques.

 

For the application, we're looking for easy rapid development of a forms and event driven application, similar to what we're used to when using Access forms, buttons, controls for rapid development of utility programs.  Is there a recommended framework, or tool, or project type to support this kind of coding?  While I can do HTML and CSS and client-side Java if I have to, I'd prefer not to be involved in all the intricacies of the form presentation.  Visual forms design is a definite plus.

 

For security, we're looking to authenticate the user against Azure AD, with MFA.  We've got experience setting up other people's applications to authenticate against Azure AD, but never had to write one ourselves.  Is OWIN the current preferred method and, if so, is there a preferred library to use or tutorial to follow that is relevant to today's technology and .NET 6?

 

For reference, in the past, we'd often make Access front ends for quick and easy tools, especially those that interacted with SQL server databases.  The visual forms and easy event driven programming made it quite cost effective to develop and support these important but low-complexity projects.  We'd build a few forms, each fronting a table or view, add a few buttons or other controls with a couple of key lines of code to implement our logic and rules, and be all set.  The fact that users could, if they tried, bypass the code and see the linked tables was not a concern in these cases.  Now it is.

 

We'd love that kind of ease of use, with the addition of webhosting and AAD authentication.

 

I've done a good deal of development over 25+ years in many languages and worked with client server tools, SQL, remote procedure calls, and REST APIs.  I'm currently working mostly in Python and some VB for Microsoft programs, though I can get by in C-like languages when needed.

 

Thanks in advance for any advice on what the current .NET Web equivalent of our old tools would be.  I don't mind putting in the effort to learn but want to be heading in the right direction.

 

 

 

1 Reply

We ended up using server-based Blazor for our program, and will be using the MudBlazor components to help make the forms more feature-rich and easier to produce.

 

After some back and forth and following some older advice and documents, we eventually discovered that the Visual Studio 2022 actually comes with most of what we need to make an AAD-secured application without having to do much of the heavy lifting.  It would have been great to have skipped right to the end, but we did get to where we needed to be.