We’ve been closely following ASP.NET 5 and MVC 6 since the days it was presented behind closed doors, through the “vNext” and “Project K” phase up to recent beta builds.
I personally monitored all developments in the security space in particular and was even involved in one or the other decision making process – particularly around authorization which makes me also a little bit proud.
In preparation for the planned ASP.NET and MVC 6 security course for PluralSight, I always maintained a (more or less structured) list of changes and new features.
Tomorrow will be the release of Visual Studio 2015, which does NOT include the final release of ASP.NET 5. Instead we are between Beta 5 and 6 right now and the rough feature set has more or less been decided on. That’s why I think that now is a good time to do a couple of overview posts on what’s new.
Many details are still very much in flux and the best way to keep up with that is to subscribe to the various security related repos on github. Many things are not set in stone yet, so this is also an opportunity to take part in the discussion which I would encourage you to do.
The planned feature posts are:
- What’s new in the base security system, authentication & claims
- The new authorization system
- IdentityServer’s place in ASP.NET 5 and MVC 6
- Data Protection
- Other security related bits & pieces
- ASP.NET Identity 3
Since training is very much about the details, we are holding off right now with recording any content until the code has been locked down for “v1”. So stay tuned.
The first public appearance of our updated “identity & access control” training for ASP.NET will be at NDC in London in January 2016.
Update: The final release of ASP.NET 5 is currently scheduled for Q1 2016 (https://github.com/aspnet/Home/wiki/Roadmap)
leastprivilege.com 