IdentityServer in Docker Containers: HTTPS and SameSite (Part 3)
In this third part of the series, we tackle login issues in IdentityServer caused by cookie restrictions in HTTP and show how to resolve them by
Read more →Posts — page 2 of 3
-
-
IdentityServer in Docker Containers: Networking (Part 2)
This is part 2 of a blog series on containerizing a Duende IdentityServer and a client application. In this post, we resolve communication challenges that
Read more → -
IdentityServer in Docker Containers - Part 1
Getting Duende IdentityServer and a client application up and running in separate containers can be challenging. This blog post will provide a
Read more → -
Pushed Authorization Requests (PAR) in ASP.NET Core 9
ASP.NET Core 9 introduces support for Pushed Authorization Requests (PAR) in its OpenIdConnect authentication handler. But what exactly is PAR, and why
Read more → -
Introducing the Cloud Debugger for Azure
The Cloud Debugger is an open-source tool for Azure developers to explore, learn, and troubleshoot their Azure cloud environments. Whether preparing for
Read more → -
User Delegation SAS Tokens In Azure Explained
I discovered many interesting Azure features while studying for the AZ-204 certification. One of these features is User Delegation SAS tokens, a way to
Read more → -
Running Docker in an Azure Windows Virtual Machine – Not so fast!
This blog post describes getting Docker up and running inside an Azure Windows Virtual Machine. This might sound like a simple task, but trust me, there
Read more → -
Deploy Container to Azure App Services with System-Assigned Identity
In this blog post, I will guide you through deploying a custom container image to Azure App Services from a private container registry using a
Read more → -
Deploy containers Azure App Services using user-assigned managed identity
This blog post describes my approach to successfully deploying a custom container image to Azure App Services from a private container registry, using a
Read more → -
Discovering .NET codebases using code coverage and NCrunch
Exploring and discovering unfamiliar codebases is always a challenge. In this blog post, I will introduce a novel way to explore a new codebase by looking
Read more → -
DefaultAzureCredentials Under the Hood
The DefaultAzureCredentials is key for using Azure services, but how exactly does it work and when should you use it? In this post, we’ll break down how
Read more → -
Introducing the Data Protection API Key Ring Debugger
When you’re working with the Data Protection API in ASP.NET, you quickly notice how powerful and simple this service is. At the same time, you have little
Read more → -
Persisting the ASP.NET Core Data Protection Key Ring in Azure Key Vault
The ASP.NET Core Data Protection API (DPAPI) is an essential service in ASP.NET Core that is often overlooked. This post will give an overview of what it
Read more → -
Improving ASP.NET Core Security By Putting Your Cookies On A Diet
In this blog post, we’ll explore a practical way to enhance the security of your ASP.NET Core applications by reducing the size of authentication cookies
Read more → -
Demystifying OpenID Connect's State and Nonce Parameters in ASP.NET Core
In the world of web application security, OpenID Connect plays a key role in streamlining authentication processes. But what makes it really tick? In this
Read more → -
Exploring what is inside the ASP.NET Core cookies
ASP.NET Core generates various types of cookies, such as authentication, antiforgery, and session cookies. In this blog post, we’ll take a closer look at
Read more →
