We’ve developed some resources to help you work effectively from home during COVID-19 Click to learn more

Web.Config configuration overview

In this article

    This section will present the technical details to understand what is required to get the example running on your machine. This section also explains how the example application works.

     

    Key sections:

    • SuperOffice>Data>Session
    • SuperOffice>Service
    • appSettings

    <configuration>
     <configSections>
        <sectionGroup name="SuperOffice">

            <sectionGroup name="Data">
            <section name="Session" type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            </sectionGroup>
            <section name="Services" type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        </sectionGroup>
     </configSections>
     <SuperOffice>
        <Data>
            <Session>
                <!-- HttpContext means session information is stored, vs being recreated all the time -->
                <add key="Mode" value="PartnerHttpContext" />
            </Session>
    </Data>
    <Services>
        <!-- Mode can be Local, Remote, Switch; local for web + appserver on same machine, remote otherwise -->
        <add key="DefaultMode" value="Remote" />
        <add key="ApplicationToken" value="df2d5bd84dd3848a8235e1d7e40d5b64" />
        </Services>
    </SuperOffice>
    <appSettings>
        <add key="SoAuthCookie" value="PartnerAuth" />
        <add key="SoAppId" value="c2f1cee99dfab952d7f3cbda30d9762a" />
        <add key="SoFederationGateway" value="https://sod.superoffice.com/login/" />
        <add key="SystemTokenCertificatePath" value="certificates\partnerprivatekey.xml" />
        <add key="SuperIdCertificate" value="16b7fb8c3f9ab06885a800c64e64c97c4ab5e98c" />
    </appSettings>…

    The Session Mode property instructs NetServer to use the PartnerHttpContext provider to store the user's context when the application is run.

    SuperOffice Services

    DefaultMode

    Must be Remote to work with SuperOffice Online web services.

    ApplicationToken

    Must be set to identify partner applications. Online services will reject unidentified callers.

    • This property is expected and used by the NetServer proxy assemblies.
    • The token is exchanged only after a secured http connection has been established.

    Application credentials are environment specific. The value of ApplicationToken will be different in SOD and production.

    appSettings

    SoAuthCookie

    An identity used when persisting a Cookie.

    SoAppId

    A public application identifier.

    It is used by the AuthenticationHelper class and is appended to the URL used when forwarding your application to the SoFederationGateway URL (also defined in AppSettings).

    The SoAppId appears in the in the browser's address bar when forwarded to SuperID and is vulnerable to man-in-the-middle attacks. However, you can mitigate this threat by validating tokens after each successful authentication.

    The SoAppId is relevant when a new user attempts to access your partner application for the first time. That user will be prompted to allow your application to run within the user's context. This consent feature also enables a partner to revoke access if necessary. Although inaccessible to partners today, this feature will be made accessible in the future.

    Application credentials are environment specific. The value of SoAppId will be different in SOD and production.

    SoFederationGateway

    Specifies the URL where SuperID resides.

    SuperID is environment specific. The value of SoFederationGateway will be different in SOD and production.

    • SOD: https://sod.superoffice.com
    • Production: https://online.superoffice.com/login/

    SystemTokenCertificatePath

    Path to a local file containing the partners' application private key.

    Example private key file:

    <RSAKeyValue>
     <Modulus>migUNK1X11GNYZ7XpQ/EPrXohsC0VYCsx2n/0Gp1PmtLJe/9j+GtYqU09GNYT 
      pFeQF/G0hXvbwZSjZJmGEkWgFCZUS+oFfGr3NfiVFPqCBPvjJlXMe/1XudxdUZLzUVIOb+uCS
    FzLkaEVh0IFnE4HRKYKkvEjvkItphxNBoNbFU=</Modulus>
     <Exponent>AQAB</Exponent>
     <P>1KhY+C+sYE6xH6raJDG8dQ14nZOGt/hlw5sZ+0Bk7EnCeTdzxnI7t6qiUYO9GJvsXEiCdRdcU
    F9TL6DI6+XJOw==</P> <Q>uZNfZNXMnZt50G/SJewg3TqsfT9N3QyAqsifoSV1xoNhVpNL6A64iD8OyVrSzp50Rwnh1QS1
     fdDWLuI8AOTHrw==</Q><DP>E8LZEac
      Mc56cYv7zam2cv5vS24G8ARh6DGU7Ute3CSYJhk4a2hP/bJ/UmZKOXd0PZ7vtM4hKMcXJ6yE
      byp/9xQ==</DP >
     <DQ>DNXxsjLLjVc0rMMfQPo9J7AoQB2B0DlOKQHpcKb7p3hs4iUcCfgCsYHTDwBWNm5lUoiP
    c0F5IDOyrNl/Fvy8Bw==</DQ>
     <InverseQ>S9ptGHigXK+m/tvwE+9xroinx1FYhCJ7CtDlh2dMaeVPL9ZJkn1LHSf3BBsclf8dkvcGv
    BPPHZ+GvdpZxntYw==</InverseQ>
     <D>Kgv/guS6/mBgmz1bnUqBIQe17jdWmLG5rsSjQWIgK4/RVf4xH5MTG0JrgLMuLXPqDM3y6W
     +ROKu1TaceUMZyq81xAROGxh+Yd+F77EIL3aendQulp977kyiVjdfIABNjHjcpu+lt11TgzlwaHne57T
      E+i0T9g3Jx0Yd5B4YlY7s=</D>
    </RSAKeyValue>

    SuperIdCertificate

    The certificate thumbprint identifier on the machine hosting the website. The thumbprint is used by the SuperIdTokenHandler class to verifying the JWT token returned by SuperID to the partner web application.

    The thumbprint identifier is environment specific. The value of SuperIdCertificate will be different in SOD and production.