Tag Archives: Security

Extending Identity in IdentityServer4 to manage users in ASP.NET Core

November 18, 2016 · by · in .NET, angular, ASP.NET Core, ASPNET5, dotnet, MVC, OAuth2, Security, Typescript, Web · 21 Comments

This article shows how Identity can be extended and used together with IdentityServer4 to implement application specific requirements. The application allows users to register and can access the application for 7 days. After this, the user cannot log in. Any admin can activate or deactivate a user using a custom user management API. Extra properties […]

Full Server logout with IdentityServer4 and OpenID Connect Implicit Flow

September 16, 2016 · by · in .NET, angular, AngularJS, ASP.NET Core, ASPNET5, dotnet, OAuth2, Security, Typescript · 3 Comments

The article shows how to fully logout from IdentityServer4 using an OpenID Connect Implicit Flow. Per design when using an access token to use protected data from a resource server, even if the client has logged out from the server, the access token can be used so long it is valid (AccessTokenLifetime) as it is […]

Authorization Policies and Data Protection with IdentityServer4 in ASP.NET Core

February 14, 2016 · by · in .NET, ASPNET5, Entity Framework, MVC, OAuth2, Security, SQLite, TopHeaderMenu, Web · 24 Comments

This article shows how authorization policies can be used together with IdentityServer4. The policies are configured on the resource server and the ASP.NET Core IdentityServer4 configures the user claims to match these. The resource server is also setup to encrypt a ‘Description’ field in the SQLite database, so it cannot be read by opening the […]

IIS HTTPS configuration for Team development

April 16, 2014 · by · in .NET, MVC, Security, TopHeaderMenu, Web · 1 Comment

This post a collection of information which I found all over the internet. I’m posting it as a reference for myself. I need to set up a development environment where a team of developers can develop multiple projects which use and test Web applications using HTTPS. Step 1: Create a root cert. This will be […]

Newer posts