GitHub

Make it easier to discover how to enforce/require auth in an application

Make it easier to discover how to enforce auth: builder.Authentication.RequireAuthentication() or similar, which could just hide the call to add the AuthorizeAttribute filter. I like this idea. I've ...
Hacker

Permission-based Authorization in ASP.NET Core with AuthorizationPolicyProvider

There are various approaches to implement dynamic permission-based authorization; In this post I want to implement Custom AuthorizationPolicyProvider to simplify permission-based authorization ...
InfoWorld

How to secure ASP.Net Web APIs using authorization filters

Security is a major concern in web-based enterprise applications. When you need to transmit data over the wire, you should be aware of the various tools you can use to secure that data. ASP.Net Web ...
findnerd.com

Authorize ajax call in MVC

In many of our scenario's we intent to make ajax calls to get or post data. What if the session logged off before you made the ajax call, what will and should happen in this scenario. What will happen ...
findnerd.com

ASP.NET : Use of AllowAnonymous attribute

The AllowAnonymous attribute was introduced in ASP.NET MVC 4.This attribute is used for specifying those controller actions that can be accessed by anonymous users. For using this attribute we use a ...
Visual Studio Magazine

Creating Your Own ASP.NET MVC Authorization Attribute

Applying role-based security is easy in ASP.NET MVC: Just decorate the relevant action method/controller class with the Authorization attribute, specify the allowed roles, and you're done. Every once ...