Bharat Dwarkani

Nov 10, 2019

hajekj.net

So while the benefits of using Single Sign On are obvious and there are many articles about it, a way less discussed topic is Single Sign Out – the process of signing out the user from all web applications which use the same IdP.

Bharat Dwarkani

Nov 02, 2019

damienbod.com

This article shows two possible ways of getting user claims in an ASP.NET Core application which uses an IdentityServer4 service. Both ways have advantages and require setting different code configurations in both applications.

Bharat Dwarkani

Oct 26, 2019

github.com

This is a walkthrough for an ASP.NET Core Authorization Lab, now updated for ASP.NET Core 2.1 and VS2017.

Bharat Dwarkani

Oct 19, 2019

medium.com

So you’ve built a web API and everything seems to be working fine. But Wait! Anyone can access your API, hit the correct url and boom your API is connected to. Though that might be heroic of you, but it shouldn’t be… I mean after all the bugs and stackoverflow.

Bharat Dwarkani

Oct 19, 2019

damienbod.com

This article shows how FIDO2 WebAuthn could be used for a passwordless sign in integrated into an ASP.NET Core Identity application. The FIDO2 WebAuthn is implemented using the fido2-net-lib Nuget package, and demo code created by Anders Åberg. The application is implemented using ASP.NET Core 3.0 with Identity. For information about FIDO2 and WebAuthn, please refer to the links at the bottom.

Bharat Dwarkani

Oct 19, 2019

ttmind.com

Authorization refers to limiting the access of the system to the user according to their roles. There are different roles in an organization and we can provide access to the resources according to their position or role in the organization. There are various techniques for authorization and authentication, such as JWT Authentication, Windows Authentication, Cookies Authentication, etc. So, we will be learning cookie-based authentication and authorization with an encrypted password using a Guid data type key.

Bharat Dwarkani

Oct 12, 2019

blog.elmah.io

The aim of this post is to teach you how to implement Identity Authentication & Authorization with ASP.NET Core 3. We will begin with a cookie-cutter Microsoft starter project, and then modify it to use Kendo in a future post.

Bharat Dwarkani

Oct 10, 2019

leastprivilege.com

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow.

Bharat Dwarkani

Sep 28, 2019

blinkingcaret.com

Being able to sign in with an external login provider (for example Google or Facebook) is a good way to simplify the process of getting new users to your website.

Bharat Dwarkani

Sep 15, 2019

scottbrady91.com

An application running within the context of the browser (e.g. a React or Angular Single Page Application (SPA)) that wants to access an API on behalf of a user. This authenticated API call will be made directly from the user’s browser, and only our application should be able to call it on behalf of our authenticated user (i.e. we’re not vulnerable to Cross-Site Request Forgery (CSRF/XSRF)).
