- Artykuły z tagiem Authentication

How to create token in ASP.NET Core

Dziel się z innymi:
Create token authentication in ASP.NET Core

Sztuka programowania 78 dni, 14 godzin, 53 minuty temu fildev 131 rozwiń

Słyszeliście o JSON Web Token-ach? Zapewne tak. W sieci pełno jest artykułów o wadach, zaletach, wykorzystaniu w implementacjach  OAuth2 czy OIDC. Czy to znaczy, że napisano o nich wszystko, co się da? Przemilczę odpowiedź i dorzucę własną, mam nadzieje, że przydatną, cegiełkę. Trochę z własnych obserwacji, jednak podejrzewam, że bliskich prawdzie, zakładam, że JWT to dzisiejszy standard zabezpieczania API. Pomimo, iż np. ze specyfikacji PASETO zaczyna powoli wyrastać coś ciekawego, jeszcze długa droga ...

Dziel się z innymi:
.NET Core Identity - Generowanie JWT - bd90

Sztuka programowania 126 dni, 6 godzin, 56 minut temu bd90 138 rozwiń

Recently, I was struggling with the SSO authentication. At first I did pick up JSON Web Token which of course is a legitimate option, however, I was forced to share the secret key between different parties, as I decided to use HMAC. Not so long ago I decided to switch to the RSA instead and I’d like to present you both solutions using ASP.NET Core.

JWT RSA & HMAC + ASP.NET Core | Piotr Gankiewicz

Sztuka programowania 498 dni, 22 godziny, 49 minut temu spetz 126 rozwiń

A few days ago I showed you how to combine Nancy with Autofac and ASP.NET Core IoC. Today’s post will be related to the security and more precisely JWT authentication. Before moving further, I’d like to mention that below text is going to be the last Nancy-related one (at least for now). In a next couple weeks, we’ll explore the world of graph databases with Neo4j and .NET Core, so I hope you’re as excited as I do 😉  How does JWT authe...

Dziel się z innymi:
Nancy meets JWT authentication - Forever F[r]ame

Daj się poznać 2017 599 dni, 1 godzinę, 18 minut temu dpawlukiewicz 73 rozwiń

Lately I’ve seen some posts about authentication made easy and simple with various packages and how it’s great we doesn’t haven’t to store logins and passwords in our databases anymore due to global availability of social identity providers. It’s true that making simple authentication with of of those providers is simple today. And in Azure App Services it’s even simpler, it really can be done in 5 minutes.

Dziel się z innymi:
Azure App Services – Authentication with FB, Google and others in 5 minutes or so – Hryniewski.NET

Authentication The topic looks obviously obvious and generally speaking standard user doesn’t care much about the details. He wants to register, login, and make sure that his password is safe. The more you read and learn, the more sophisticated requirements you have for protection, state management on the server and client side, the more things are getting complicated. The problem with authentication is basically about: how does one prove that he is the guy that he’s pretending to be? In the world of w...

Dziel się z innymi:
JWT vs Session Authentication – Kuba on .NET

Daj się poznać 2016 920 dni, 14 godzin, 35 minut temu Jakub Szumiato 79 rozwiń

In this post we’ll focus on security. We’ll try to prove that claims base authentication is safe. As we remember SAML tokens are issued by “trusted” STS. But what exactly does “trusted” issuer mean? In this post, we’ll try to find definition of “trusted issuer”, a list of attributes which decide that issuer is trusted.

[EN] Security in WIF | Future Processing

Architektura 1196 dni, 15 godzin, 59 minut temu FutureProcessing 101 rozwiń

In this article we focus on sample service based on WCF (Windows Communication Foundation), as we will only try to build sample service with claims-based authentication and authorization. All technical aspects connected with security e.g. configuration, certificates, encryption, signature or CRL will be described in details in the next posts.

WCF services with claims-based authentication and authorization | Future Processing

Architektura 1267 dni, 14 godzin, 40 minut temu FutureProcessing 144 rozwiń

In the previous article basic information about authentication and authorization process on .Net has been presented. Security Token Service is an integral part of claim based approach. As we remember from the previous article, STS is responsible for handling user’s requests and creating tokens; it can also work in two modes: active and passive. In this article we focus on Active STS, as we will only try to build sample STS.

Introduction to Claims-Based Authentication and Authorization in .NET - how to build Active STS | Future Processing

Architektura 1302 dni, 2 godziny, 3 minuty temu FutureProcessing 164 rozwiń