Security

Azure App Configuration is a powerful way to manage and store application configuration on a central location. Integrating it into for instance ASP.NET (Core) is pretty straightforward. This post gives you an introduction to Azure App Configuration and a simple example of how to integrate it in ASP.NET Core. Creating an Azure App Configuration 🆕 Of course there are several ways to create a specific resource in the Azure Portal. One of the simplest is to go to the portal, open up App Configuration and click the Add button.

This post is part of a series on Managed Identity. For an introduction, see Managed Identity – Part I. For a post that shows you how to connect your application to different types of Azure resources using Managed Identity see Managed Identity – Part II. Stay tuned for future posts. Introduction Elaborating on Part I and Part II, this blog post will show you how to debug your Managed Identity enabled application locally.

This post is part of a series on Managed Identity. For an introduction, see Managed Identity – Part I. Stay tuned for future posts. Introduction Elaborating on Part I, this blog post will show you how to connect your application to different types of Azure resources using Managed Identity. To use the Managed Identity to actually connect to Azure Resources, you’re going to need the NuGet package Microsoft.Azure.Services.AppAuthentication. This package enables a service to authenticate to Azure services using the developer’s Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.

This post is part of a series on Managed Identity. Stay tuned for future posts. Introduction Connecting your application to a resource like Storage or a SQL database used to involve a connection string. This isn’t very secure. These settings are available through the Azure portal. So they might get compromised. With the introduction of Azure Key Vault, we got a way of separating these secrets from our application configuration. We can store them in a safe, secure place.

Calling an API from a Logic App is pretty straightforward. You open up the Logic App Designer and add an HTTP Action. Specify the method to use and the URI you want to call and you’re good to go! When the API you want to call uses Cookie Authentication, this seems pretty straightforward too. After all, the HTTP Action has an Authentication property you can set. However, this property doesn’t include Cookie authentication.

My employer Betabit hosted a Hack Yourself First workshop by Troy Hunt on Monday 5th and Tuesday 6th of June. Because we are always looking to improve, this was a great opportunity to tune up our security skills. We had a great time, got terrified and most of all: we learned a lot. First contact: a Twitter DM to Troy Hunt You think you know security We’ve seen a lot of different subjects during the workshop.

The title isn’t descriptive enough for this post, but it will have to do. Today I was trying to get an ASP.NET application to allow me to define two different login levels. What I was trying to do was the following: There’s a main ASP.NET application, which is allowed to be accessed by anyone (<allow users="*"> at https://www.domain.com/) There’s a customer part where a login is required. (https://www.domain.com/customers/) There’s a maintenance part where a different login is required.