posted on July 18, 2017 by long2know in ASP.NET, Core, Security
I’ve been playing around with Authorize attributes in .NET Core as of late. With a custom (derived) authorization attribute, it seemed like it wasn’t always being evaluated. This caused me to pause and take a step back to examine using the built-in policy-based authorization.
posted on July 7, 2017 by long2know in ASP.NET, Core
I’ve previously blogged about dealing with SSL in a .NET Core application. Well, I wanted to expand upon this a bit when debugging in Visual Studio 2017. In the case of working with a development environment, this needs to tie into the launch profiles. Without handling this properly, IISExpress integration is broken which becomes an annoyance.
posted on June 16, 2017 by long2know in ASP.NET, Core
.NET Core doesn’t have built-in support for LDAP (Active Directory). This can be a show-stopper for a lot of projects. It was a bit of a show-stopper for me earlier as well.
So, references to these libraries won’t be available:
System.DirectoryServices System.DirectoryServices.AccountManagement System.DirectoryServices.Protcols
But, there are alternatives to mitigate the problem.
posted on June 9, 2017 by long2know in ASP.NET, Core
Earlier today I was running into weird issues detecting whether or not my .NET Core site was receiving HTTPS requests. After much gnashing of teeth, I believe I found a solution.
posted on June 7, 2017 by long2know in ASP.NET, Core
Microsoft’s guidance, in regards to deploying .NET Core applications to IIS, is a bit lacking. Throw in a continuous integration tool, like Team City, and it becomes a bit of trial and error to get a .NET Core app deployed to an IIS hosted instance.
posted on June 7, 2017 by long2know in ASP.NET
Exceptions in .NET can be difficult to log or inspect due to their hierarchical nature with inner exceptions. Since the InnerException on a given exception is not an enumerated list, it requires a little bit of work to flatten the hierarchy.
posted on May 31, 2017 by long2know in ASP.NET, Core
This is a little guide for anyone wanting to deploy a .NET Core Web site to IIS, locally or otherwise. It includes a few pitfalls you may or may not run into.
posted on May 24, 2017 by long2know in Core, Middleware, OWIN
In my previous installment, I focused mostly on sharing Cookies between an OWIN application and a .NET Core application. What happens if you want to utilize the Bearer tokens as well?
posted on May 23, 2017 by long2know in Core, Middleware, OWIN, Uncategorized
It seems like only yesterday when I setup an OWIN OAuth server to provide single-signon capabilities for all of my apps. Since that time, though, OWIN has kind of fallen to the wayside in favor of newer security mechanisms in .NET Core. However, it is possible to make an OWIN application play nice with a .NET Core application to share cookie-based authentication.
posted on May 21, 2017 by long2know in Core, Entity Framework
At Build last week, the possibility to have global filters applied to a context opened the possibility to support multi-tenancy scenarios directly. Multi-tenancy is the concept of having specific users, or “tenants”, having access to, or ownership of, only their data. In the past, I have simply checked a user’s role and conditionally added filters. Pushing this into a global filter, though, seems a bit more practical.
