I'm a big proponent of delegated authentication. It's no surprise that Broken Authentication is #2 at the OWASP top 10 latest report. It's been #2 for a very long time, which means that developers and enterprises are still getting this wrong. There are so many ways that authentication that can go wrong, that delegated authentication should be the preferred and possibly the default choice for all platforms. There are many different services that can provide this. I've heavily worked with Azure AD and Azure AD B2C but this time I wanted to take Auth0 for a spin. In this post …[read more]
Showing all posts tagged: '.NET Core'
A 12-post collection
Managing sensitive information and secrets in config files is something we have to deal with on a daily basis. Unfortunately, this is also something that we still get wrong. In many cases, secrets spill from production to development and vice versa or we have to setup up obscure file transformations and processes to change said secrets as we move from one environment to another. .NET Core has introduced the notion of User Secrets which we can use to store application variables outside the application folder. The file that stores the secrets ends up in one of the following locations, depending …[read more]
Azure Search is a great service that allows developers to add search functionality in their applications. I blogged about how to index and query data from SQL Server using Azure Search before. Today, I want to talk about a more advanced scenario and one that could be more common than you think. By default, every Search index is designed to pull data from one source. The source can be a SQL Database, a blob storage or Azure Table Storage. However, there are valid scenarios where you may want to combined data from multiple sources in the same search index. There …[read more]
EF Core 2.0 has been out for a few weeks now. If you're looking at an ORM for your .NET application then EF Core should be at the top of the list of possible options. I say at the top and not the only one because depending on the project requirements, some features may be missing. For example, EF Core cut ties with .edmx so if you want to stick with the designer feature you will need to use EF6. There are other limitations so make sure you have a look at this post for API changes in 2. …[read more]
Hot off the press! The new Azure Container Instances service is a new offering (still in Preview) from Azure that allows you to launch and run your Docker Images in less than 10 seconds. In this post, I'll show you how to get started and what you need in order to be able to leverage the service. Prerequisites In order to follow along you'll need the following: An active Azure Subscription A machine that has the following installed Azure CLI Docker .NET Core (if you want to deploy a .NET Core app). Alternatively, node or any platform you wish to …[read more]