Category Archives: Uncategorized

Originally posted on brockallen:
There have been many changes to how authentication is performed for web applications in Visual Studio 2013. For one, there’s a new “Change Authentication” wizard to configure the various ways an application can authenticate users. The…

Originally posted on brockallen:
Many people have asked for a sample of integrating MembershipReboot into IdentityServer as the identity management library. I was finally galvanized to build a sample and so here it is. It supports all four main extensability…

Originally posted on brockallen:
By default, IdentityServer requires SSL (for obvious reasons). But there are scenarios where IdentityServer might be deployed behind a load balancer or proxy server. In those situations it might be desirable to relax the SSL requirement…

Originally posted on brockallen:
With Visual Studio 2013, Microsoft has provided a new “Change Authentication” wizard that is part of all ASP.NET projects. This includes an option for “Organizational Accounts”, which in essence means federation using the WS-Federation protocol. This…

Originally posted on brockallen:
Ok, here we go again… and if you don’t know what I’m talking about, then see this post. With Visual Studio 2013 and .NET 4.5.1 we have a new framework called ASP.NET Identity. ASP.NET Identity is…

As of today, I am back from holidays.. just wanted to let you know that I discarded all the blog comments from the last four weeks. If you made a comment, and that is still relevant, it would be best … Continue reading →

Originally posted on brockallen:
I just released v3.0.0 of MembershipReboot. It was a significant enough change to warrant going to 3.0. From my chicken scratch release notes: Features added: separate EF code from the main library. there’s now a new…

Originally posted on Badrinarayanan Lakshmiraghavan's Blog:
Hawk authentication is designed to work without transport security. When TLS is used, replay protection is not much of an issue but it is an interesting thing to see how replays are handled…

Originally posted on brockallen:
In Katana (Microsoft’s OWIN framework and host implementation) there is an abstraction for creating middleware that does authentication. Microsoft has defined base class called AuthenticationMiddleware and AuthenticationHandler (among other helper classes) and these work to process…

Originally posted on Badrinarayanan Lakshmiraghavan's Blog:
This is continuation of my previous post Basic Authentication with ASP.NET Web API Using OWIN Middleware, where I implemented HTTP basic authentication in a custom OWIN middleware class AuthenticationMiddleware that derives from the…