Security, Identity and Authorization in ASP.NET 5

Cite

Norwegian Developers Conference (NDC)

Dorrans, Barry

Formal Metadata

Title

Security, Identity and Authorization in ASP.NET 5

Alternative Title

A run around the new ASP.NET Data Protection - Authorization Stacks

Title of Series

NDC London 2016

Number of Parts

133

Author

Dorrans, Barry

License

CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this

Identifiers

10.5446/49587 (DOI)

Publisher

Norwegian Developers Conference (NDC)

Release Date

2016

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

With the advent of ASP.NET v5 we’ve taken the opportunity to throw away the old, bad things and drag code kicking and screaming into 2015. We killed [Authorize(Users=)] and replaced it with something more flexible and more configurable. We switched to claims everything. We finally got rid of machine key as well, and have replaced it with something that rotates keys, syncs cross instances of Azure websites and could even use an NTFS share or a database as a key store. By the end of this session you should be prepared to bring in the new and improved bits to help you security your apps in a more flexible and testable way.