-
Recent Posts
Categories
- .NET Security (95)
- ASP.NET (163)
- ASP.NET Core (27)
- AuthorizationServer (33)
- Azure (29)
- Conferences & Training (40)
- IdentityModel (347)
- IdentityServer (205)
- Katana (46)
- OAuth (163)
- OpenID Connect (94)
- OWIN (45)
- Photography (14)
- PolicyServer (3)
- Resources (1)
- Uncategorized (625)
- WCF (109)
- WebAPI (223)
Tweets
- RT @DuendeIdentity: If you want to keep up with the lastest OAuth developments - here's part 1 of the IETF116 meeting https://t.co/WIebr8o… 15 hours ago
- RT @DuendeIdentity: The state of OAuth, proof of possession access tokens, and IdentityServer blog.duendesoftware.com/posts/20230328… 1 day ago
Feed
Archives
- May 2021
- October 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- September 2019
- August 2019
- July 2019
- June 2019
- April 2019
- February 2019
- January 2019
- December 2018
- July 2018
- June 2018
- May 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- August 2017
- July 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
- September 2004
- August 2004
- July 2004
- June 2004
- May 2004
Monthly Archives: January 2008
UserName SupportingToken in WCF
There has been some mentioning of supporting tokens recently (here and here). Supporting tokens allow adding additional tokens to a SOAP security header – at least one token (usually the primary token) must be capable of providing the necessary key … Continue reading
Posted in ASP.NET, WCF
5 Comments
WCF 3.5 and Partial Trust
This is a good summary of things that work and don’t work when WCF is used in partially trusted AppDomains. I especially like this sentence: “The best way to discover that a piece of information or action is unavailable when … Continue reading
Posted in WCF
Leave a comment
Web Deployment Projects for Visual Studio 2008
(note to self) download here.
Posted in Uncategorized
Leave a comment
Jörg Neumann in da House
I am very happy to announce that Jörg Neumann has joined thinktecture. Jörg is the UI master, a SQL Server expert and an overall really great guy. Looking forward working with him! http://www.thinktecture.com/staff/joerg
Posted in Uncategorized
Leave a comment
LeastPrivilege on RunAs Radio
A few weeks ago I did a recording with Richard and Greg for RunAs Radio. That was fun. It is now online. Have fun and support the show! http://www.runasradio.com/default.aspx?showNum=41
Posted in Uncategorized
Leave a comment
ASP.NET Internals Spelunking II
Suppose you want to step through one of the built-in HttpModules in ASP.NET. This doesn’t work by traversing the callstack. There is another little “trick” to get this working: Go to Debug/New Breakpoint/Break at Function Enter the function name, e.g. … Continue reading
Posted in ASP.NET
Leave a comment
ASP.NET Internals Spelunking
When I wrote the ASP.NET book I pretty much lived in Reflector 24/7 to figure out all the gory implementation details. Back then it would have been great to be able to simply set breakpoints in some of the low … Continue reading
Posted in ASP.NET
Leave a comment
Simplified Impersonation Model
While playing with the new Named Pipe classes in 3.5 I noticed that a simpler model for impersonating the client is used here. Instead of putting the burden on the user to call Impersonate on a WindowsIdentity (and making sure … Continue reading
Posted in Uncategorized
Leave a comment
Most popular Content in 2007
Just looked through my server logs… Top Downloads: InfoCardSelector for ASP.NET (1508) HTTP.SYS config utility (819) GetCertKeyFile (732) IfConfig 2.11 (683) SslHelper (588) Top Documents: PenTest Slides from WinDev 2004 (1682) Integration mit Windows Security from Basta 2006 (1125) … Continue reading
Posted in Uncategorized
2 Comments
HTTP Basic Authentication against Non-Windows Accounts in IIS7
The last posts (here, here, here and here) show how to build an HTTP Basic Authentication module using a membership provider (and including WCF support). Moving this code to IIS7 is technically not very difficult – but the mindset changes. … Continue reading
Posted in ASP.NET, WCF
3 Comments
leastprivilege.com 