Tag Archives: Authorization
Building and securing an ASP.NET Core API with a hosted Vue.js UI
This article shows how Vue.js can be used together with ASP.NET Core 3 in a single project. The Vue.js application is built using the Vue.js CLI and built to the wwwroot of the ASP.NET Core application. The ASP.NET Core application is used to implement the APIs consumed by the Vue.js UI. The application is secured […]
Using Chained Certificates for Certificate Authentication in ASP.NET Core 3.1
This article shows how to create self signed certificates and use these for chained certificate authentication in ASP.NET Core. By using chained certificates, each client application can use a unique certificate which was created from a root CA directly, or an intermediate certificate which was created from the root CA. The clients can then be […]
Certificate Authentication in ASP.NET Core 3.1
This article shows how Certificate Authentication can be implemented in ASP.NET Core 3.1. In this example, a shared self signed certificate is used to authenticate one application calling an API on a second ASP.NET Core application. Code https://github.com/damienbod/AspNetCoreCertificateAuth Posts in this series Certificate Authentication in ASP.NET Core 3.1 (Self Signed) Using Chained Certificates for Certificate […]
Implementing User Management with ASP.NET Core Identity and custom claims
The article shows how to implement user management for an ASP.NET Core application using ASP.NET Core Identity. The application uses custom claims, which need to be added to the user identity after a successful login, and then an ASP.NET Core policy is used to authorize the identity. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity History 2023-01-07 Updated .NET 7, Angular […]
OAuth using OIDC Authentication with PKCE for a .NET Core Console Native Application
This article shows how to use a .NET Core console application securely with an API using the RFC 7636 specification. The app logs into IdentityServer4 using the OIDC authorization code flow with a PKCE (Proof Key for Code Exchange). The app can then use the access token to consume data from a secure API. This […]
ASP.NET Core Authorization for Windows, Local accounts
This article shows how authorization could be implemented for an ASP.NET Core MVC application. The authorization logic is extracted into a separate project, which is required by some certification software requirements. This could also be deployed as a separate service. Code: https://github.com/damienbod/AspNetCoreWindowsAuth Blogs in this series: Supporting both Local and Windows Authentication in ASP.NET Core […]
Implementing custom policies in ASP.NET Core using the HttpContext
This article shows how to implement a custom ASP.NET Core policy using the AuthorizationHandler class. The handler validates, that the identity from the HttpContext has the authorization to update the object in the database. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity History 2023-01-08 Updated Angular 15, .NET 72021-01-25 Updated Angular 11.1.0 .NET 5, ngrx implementation2020-03-21 updated packages, fixed Admin UI […]
Software Engineering 