dotnetomaniak.pl - Artykuły z tagiem Authentication

How to create token in ASP.NET Core

Źródło: fildev.net
Dziel się z innymi:
Create token authentication in ASP.NET Core

Sztuka programowania 2247 dni, 4 godziny, 13 minut temu fildev 138 źrodło rozwiń

Słyszeliście o JSON Web Token-ach? Zapewne tak. W sieci pełno jest artykułów o wadach, zaletach, wykorzystaniu w implementacjach  OAuth2 czy OIDC. Czy to znaczy, że napisano o nich wszystko, co się da? Przemilczę odpowiedź i dorzucę własną, mam nadzieje, że przydatną, cegiełkę. Trochę z własnych obserwacji, jednak podejrzewam, że bliskich prawdzie, zakładam, że JWT to dzisiejszy standard zabezpieczania API. Pomimo, iż np. ze specyfikacji PASETO zaczyna powoli wyrastać coś ciekawego, jeszcze długa droga ...

Źródło: bd90.pl
Dziel się z innymi:
.NET Core Identity - Generowanie JWT - bd90

Sztuka programowania 2294 dni, 20 godzin, 17 minut temu bd90 146 źrodło rozwiń

Recently, I was struggling with the SSO authentication. At first I did pick up JSON Web Token which of course is a legitimate option, however, I was forced to share the secret key between different parties, as I decided to use HMAC. Not so long ago I decided to switch to the RSA instead and I’d like to present you both solutions using ASP.NET Core.

JWT RSA & HMAC + ASP.NET Core | Piotr Gankiewicz

Sztuka programowania 2667 dni, 12 godzin, 10 minut temu spetz 142 źrodło rozwiń

A few days ago I showed you how to combine Nancy with Autofac and ASP.NET Core IoC. Today’s post will be related to the security and more precisely JWT authentication. Before moving further, I’d like to mention that below text is going to be the last Nancy-related one (at least for now). In a next couple weeks, we’ll explore the world of graph databases with Neo4j and .NET Core, so I hope you’re as excited as I do 😉  How does JWT authe...

Źródło: foreverframe.net
Dziel się z innymi:
Nancy meets JWT authentication - Forever F[r]ame

Daj się poznać 2017 2767 dni, 14 godzin, 39 minut temu dpawlukiewicz 77 źrodło rozwiń

Lately I’ve seen some posts about authentication made easy and simple with various packages and how it’s great we doesn’t haven’t to store logins and passwords in our databases anymore due to global availability of social identity providers. It’s true that making simple authentication with of of those providers is simple today. And in Azure App Services it’s even simpler, it really can be done in 5 minutes.

Źródło: hryniewski.net
Dziel się z innymi:
Azure App Services – Authentication with FB, Google and others in 5 minutes or so – Hryniewski.NET

Daj się poznać 2017 2768 dni, 13 godzin, 51 minut temu Rafał Hryniewski 42 źrodło rozwiń

Authentication The topic looks obviously obvious and generally speaking standard user doesn’t care much about the details. He wants to register, login, and make sure that his password is safe. The more you read and learn, the more sophisticated requirements you have for protection, state management on the server and client side, the more things are getting complicated. The problem with authentication is basically about: how does one prove that he is the guy that he’s pretending to be? In the world of w...

Źródło: szumiato.pl
Dziel się z innymi:
JWT vs Session Authentication – Kuba on .NET

Daj się poznać 2016 3089 dni, 3 godziny, 56 minut temu Jakub Szumiato 86 źrodło rozwiń

In this post we’ll focus on security. We’ll try to prove that claims base authentication is safe. As we remember SAML tokens are issued by “trusted” STS. But what exactly does “trusted” issuer mean? In this post, we’ll try to find definition of “trusted issuer”, a list of attributes which decide that issuer is trusted.

[EN] Security in WIF | Future Processing

Architektura 3365 dni, 5 godzin, 20 minut temu FutureProcessing 104 źrodło rozwiń

In this article we focus on sample service based on WCF (Windows Communication Foundation), as we will only try to build sample service with claims-based authentication and authorization. All technical aspects connected with security e.g. configuration, certificates, encryption, signature or CRL will be described in details in the next posts.

WCF services with claims-based authentication and authorization | Future Processing

Architektura 3436 dni, 4 godziny, 1 minutę temu FutureProcessing 146 źrodło rozwiń

In the previous article basic information about authentication and authorization process on .Net has been presented. Security Token Service is an integral part of claim based approach. As we remember from the previous article, STS is responsible for handling user’s requests and creating tokens; it can also work in two modes: active and passive. In this article we focus on Active STS, as we will only try to build sample STS.

Introduction to Claims-Based Authentication and Authorization in .NET - how to build Active STS | Future Processing

Architektura 3470 dni, 15 godzin, 24 minuty temu FutureProcessing 167 źrodło rozwiń