Author Archives: damienbod

ASP.NET Core Authorization for Windows, Local accounts

This article shows how authorization could be implemented for an ASP.NET Core MVC application. The authorization logic is extracted into a separate project, which is required by some certification software requirements. This could also be deployed as a separate service. Code: https://github.com/damienbod/AspNetCoreWindowsAuth Blogs in this series: Supporting both Local and Windows Authentication in ASP.NET Core […]

Supporting both Local and Windows Authentication in ASP.NET Core MVC using IdentityServer4

This article shows how to setup an ASP.NET Core MVC application to support both users who can login in with a local login account, solution specific, or use a windows authentication login. The identity created from the windows authentication could then be allowed to do different tasks, for example administration, or a user from the […]

Comparing the HTTPS Security Headers of Swiss banks

This post compares the security HTTP Headers used by different banks in Switzerland. securityheaders.io is used to test each of the websites. The website of each bank as well as the e-banking login was tested. securityheaders.io views the headers like any browser. The tested security headers help protect against some of the possible attacks, especially […]

Using Message Pack with ASP.NET Core SignalR

This post shows how SignalR could be used to send messages between different C# console clients using Message Pack as the protocol. An ASP.NET Core web application is used to host the SignalR Hub. Code: https://github.com/damienbod/AspNetCoreAngularSignalR Posts in this series Getting started with SignalR using ASP.NET Core and Angular SignalR Group messages with ngrx and […]

First experiments with makecode and micro:bit

At the MVP Global Summit, I heard about MakeCode for the first time. The project makes it really easy for people to get a first contact, introduction with code and computer science. I got the chance to play around with the Micro:bit which has a whole range of sensors and can easily be programmed from […]

Securing the CDN links in the ASP.NET Core 2.1 templates

This article uses the the ASP.NET Core 2.1 MVC template and shows how to secure the CDN links using the integrity parameter. A new ASP.NET Core MVC application was created using the 2.1 template in Visual Studio. This template uses HTTPS per default and has added some of the required HTTPS headers like HSTS which […]

Adding HTTP Headers to improve Security in an ASP.NET MVC Core application

This article shows how to add headers in a HTTPS response for an ASP.NET Core MVC application. The HTTP headers help protect against some of the attacks which can be executed against a website. securityheaders.io is used to test and validate the HTTP headers as well as F12 in the browser. NWebSec is used to […]