Category Archives: Uncategorized

Introducing Thinktecture IdentityManager

Originally posted on brockallen:
Back in 2005 when Microsoft released the ASP.NET MembershipProvider API, they also included in Visual Studio the ASP.NET WebSite Administration tool. This was used by developers to quickly create and edit users to populate the MembershipProvider…

Posted in Uncategorized | Leave a comment

How MembershipReboot stores passwords properly

Originally posted on brockallen:
I’m not going to go into all of the motivation behind proper password hashing — Troy’s done an excellent job of it and he has said it all better than I ever could have. The short…

Posted in Uncategorized | Leave a comment

A primer on external login providers (social logins) with OWIN/Katana authentication middleware

Originally posted on brockallen:
Like MVC 4, in MVC 5 and Visual Studio 2013 we have the ability to use external login providers (aka social logins) in our ASP.NET applications. The big change related to this from the prior version…

Posted in Uncategorized | 2 Comments

2013 in review

The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog. Here’s an excerpt: The Louvre Museum has 8.5 million visitors per year. This blog was viewed about 400,000 times in 2013. If it were an exhibit at … Continue reading

Posted in Uncategorized | Leave a comment

MSDN article on CORS in Web API 2

Originally posted on brockallen:
My MSDN article on CORS in Web API is now out! Given the nature of CORS, I really wanted to spend much of the article explaining CORS by itself. With that understanding then it’s simple enough…

Posted in Uncategorized | Leave a comment

NDC London

I am currently doing the last preparations for next week’s NDC in London. This will be a blast! Brock and I are doing our claims-based identity & access control workshop on Monday and Tuesday. On Wednesday part 1 of the … Continue reading

Posted in Conferences & Training, Uncategorized | Leave a comment

Using tt.idm Hawk Authentication OWIN Middleware with IIS-Hosted ASP.NET Web API

Originally posted on Badri's Blog:
Hawk Authentication in Thinktecture.IdentityModel can be hooked into your ASP.NET Web API through the message handler (HawkAuthenticationHandler) or the OWIN middleware (HawkAuthenticationMiddleware). The sample here is based on a self-hosted web API (WCF channel…

Posted in Uncategorized | Leave a comment

Embedding a simple Username/Password Authorization Server in Web API v2

In my last post I explained why I think it is important to use the authorization server pattern right from the start. In this post I want to show how to build the possibly simplest authorization server using the new … Continue reading

Posted in Uncategorized | 21 Comments

Thinktecture.IdentityModel.Hawk NuGet Package

Originally posted on Badri's Blog:
With Thinktecture.IdentityModel V.Next out, Hawk authentication implementation in Thinktecture IdentityModel gets its own NuGet package. It is currently in pre-release and here is the NuGet Gallery link. The OWIN middleware code that has been…

Posted in Uncategorized | Leave a comment

A primer on OWIN cookie authentication middleware for the ASP.NET developer

Originally posted on brockallen:
There have been many changes to how authentication is performed for web applications in Visual Studio 2013. For one, there’s a new “Change Authentication” wizard to configure the various ways an application can authenticate users. The…

Posted in Uncategorized | Leave a comment