In this post, Senior Consultant, Marius Rochon showcases how to discover 'AuthorizeAttribute' role names. The AuthorizeAttribute is used in ASP.NET code to decorate controller classes and methods which require authorization, e.g. [Authorize(Roles =“admin”)] public class HomeController : Controller { Meaning that to call any method in this c...
In a recent post from his blog, Premier Developer Consultant Marius Rochon talks about problems with single SignOut. Single Sign In relies on the token issuer holding on to a cookie, which tells it about the user identity after the first signin. The issuer can then respond to a request for token in whatever protocol it came in (WSFed, SAML, Open...
In a recent post from his blog, Premier Developer Consultant Marius Rochon gives us a step-by-step overview of how to use OAuth2 Client Credential flow with an X509 certificate. This Azure AD sample shows how to use OAuth2 Client Credential flow with an X509 certificate for authentication. Here is a procedure I use to periodically rollover the c...
Cybercrime is no longer a distant warning. It is an active industry with talented players, lucrative ambitions, and devastating consequences. A recent study estimated the cost the US economy about $140 billion annually. The numbers grow year over year and that’s just financials you can measure. It’s difficult...
