Gunnar Peipman's ASP.NET blog

ASP.NET, C#, SharePoint, SQL Server and general software development topics.

Sponsors

News

 
 
 
DZone MVB

Links

Social

Browse by Tags

All Tags » Security (RSS)
ASP.NET MVC: How to implement invitation codes support
Last Christmas I blogged about how to make ASP.NET MVC users authorized only if they have profiles created . This works well on public sites where everybody can be user. Sometimes we don’t want to let all users to our system even when they were correctly...
Posted: May 01 2011, 11:18 AM by DigiMortal | with 6 comment(s)
Filed under: , , , , ,
Webcast: Brief introduction to Windows Identity Foundation
This is my first webcast on Windows Identity Foundation (WIF) and it will give you brief overview of this technology. I will tell you about how I found WIF, what is claims-based authentication, what tools are available and how you can use WIF in your...
Posted: Mar 25 2011, 02:19 AM by DigiMortal | with 6 comment(s)
Filed under: , , , ,
ASP.NET and WIF: Showing custom profile username as User.Identity.Name
I am building ASP.NET MVC application that uses external services to authenticate users. For ASP.NET users are fully authenticated when they are redirected back from external service. In system they are logically authenticated when they have created user...
Posted: Dec 23 2010, 03:10 AM by DigiMortal | with 4 comment(s)
Filed under: , , , , , ,
ASP.NET MVC: Using ProfileRequiredAttribute to restrict access to pages
If you are using AppFabric Access Control Services to authenticate users when they log in to your community site using Live ID, Google or some other popular identity provider, you need more than AuthorizeAttribute to make sure that users can access the...
Posted: Dec 23 2010, 02:00 AM by DigiMortal | with 7 comment(s)
Filed under: , , , , , , ,
Identifying AppFabric Access Control Service users uniquely
In my last posting about AppFabric Labs Access Control Service I described how to get your ASP.NET MVC application to work with ACS . In this posting I will dig deeper into tokens and claims and provide you with some helper methods that you may find useful...
Posted: Dec 19 2010, 02:33 AM by DigiMortal | with 4 comment(s)
Filed under: , , , , ,
Adding Twitter authentication support to ASP.NET application
In my last posting I introduced my idea about common membership provider for ASP.NET that is able to support multiple authentication providers. Before writing membership provider we need support for some authentication providers to get an better idea...
Posted: Sep 01 2010, 11:29 PM by DigiMortal | with 10 comment(s)
Filed under: , , ,
Planning common membership provider for different authentication providers
I am trying to implement form based authentication (FBA) membership provider that is able to support multiple authentication mechanisms. Take it as an self-training experiment. In this posting I will introduce bases of my experiment and introduce my current...
Posted: Aug 31 2010, 05:17 AM by DigiMortal | with 11 comment(s)
Filed under: , , ,
Why we should attack our own systems?
Web page that is not attacked by security team or developers and testers before going to live can be considered as unsecure because nobody knows how it behaves under attacks. Unfortunately there are many web pages that are not secure and not event tested...
Posted: Apr 24 2009, 11:04 AM by DigiMortal | with no comments
Filed under: ,
More Posts