Każdy czegoś nie lubi, ja na przykład nie lubię gdy ktoś siada na moim krześle, a potem ja muszę na nim usiąść, fuj – takie ciepłe, zawsze chwilę odczekuje. Albo NULL – to ciągłe sprawdzanie czy zmienna nie jest nullem, a potem jeszcze specjalna obsługa tu i tam i jeszcze tam, a potem tam i tam niosą, się ify po całym projekcie, albo wyjątki – BLEHSposób Na szczęście na jedno i drugie jest sposób; każdemu mówię, że na moim krześle się nie siada i głośno warczę gdy ktoś łam...

If we think about advanced website development, sooner or later we’ll deal with JavaScript Task Runners. One of them is Gulp – a library available in NPM, which enables us to significantly automate our work. Gulp facilitates a compilation of Sass or Less files to CSS format; it allows to use Autoprefixer (a tool that will ensure the compatibility of our CSSs with multiple browsers) as well as to watch the progress of our work in many browsers/ devices in real time.

This is the second one of two posts concerning approach to build cost effective, but prepared for scaling, systems using ASP.NET Web API and Azure.

In this post we’ll focus on security. We’ll try to prove that claims base authentication is safe. As we remember SAML tokens are issued by “trusted” STS. But what exactly does “trusted” issuer mean? In this post, we’ll try to find definition of “trusted issuer”, a list of attributes which decide that issuer is trusted.

In the previous article basic information about authentication and authorization process on .Net has been presented. Security Token Service is an integral part of claim based approach. As we remember from the previous article, STS is responsible for handling user’s requests and creating tokens; it can also work in two modes: active and passive. In this article we focus on Active STS, as we will only try to build sample STS.

Authentication and Authorization Authentication and authorization are two closely related concepts, which are used to build security mechanism in systems and applications. Information security is the practice of protecting information from unauthorized access, use or even modification. Confidentiality, integrity and availability (known as CIA triad) is a model designed to guide policies of information security within an organization. In this article we are focusing on confidentiality, which refers to re...

Jak zdefiniować rozwój zawodowy? Rozwój zawodowy to proces zwiększania zakresu swojej wiedzy w czasie. Niby dobrze, ale jak to rozumieć? Może najprościej jak się da: każdego dnia uczymy się X nowych metod ( z danej klasy Frameworka etc.). I jeśli mówimy o początkach kariery zawodowej to jest to z pewnością prawda. Tylko, że jeśli z biegiem czasu dalej będziemy tak rozumieć rozwój to chyba coś z nami jest nie do końca w porządku. Chociaż to za dużo powiedziane. Może lepiej zabrzmi, że taka ścieżka r...

We, software developers, are crazy. Surprisingly, that’s what we have been told at the very beginning of the DevDay conference. The speaker, an ABB guy (I didn’t catch his name because I came 5min late) with a strong Slavic accent made his point about passion, self-motivation and personal abilities in the world of software development. At the same time, he compared it to his hobby - running. We are crazy, because we get up early on Saturday and get together to devote the whole day to nerdy IT topics. The...