Microservices should control the UI
In previous articles I discussed the different ways a use case can be broken down into services. In the following article I will extend on that and show how the back-end should drive your front-end.
Tag Archives: C#
Developer interview questions – C# .net
Some basic interview questions. Its not comprehensive and ill extend this as needed.
Secure HTTP without HSTS
In the previous post I showed how to enable HSTS so that all HTTP traffic to a website is secured. As cool as that is, the unfortunate reality is that it is not always possible to secure all HTTP traffic for a website especially when dealing with some legacy technology.
Secure HTTP with HSTS in IIS
HTTP Strict Transport Security or HSTS is a header that instructs a browser not to downgrade a secure https connection to a unsecure HTTP connection for a specified domain.
Enable secure cookies over HTTPS.
It is important to realize that although a website might be running under HTTPS it does not guarantee that the session information is not accessible from normal HTTP requests. When a session cookie is generated it is important to make sure that the cookie can only be transmitted over a secure HTTP connection (HTTPS).
Create your own Identity Provider (IP-STS)
In the following example i will show how to build an Identity Provider also called a passive security token service (IP-STS) that issues tokens using WS-Federation. This post builds on work done in a previous post, Create your own active STS. In this article I will show how to create a complete working example of an… Read More »
Decoding FedAuth Token
I created a windows forms application sample that can assist with decoding to FedAuth tokens captured from tools like Fiddler, source is included. It is downloadable from this link.
What is new in C# 6
So what is new in C# 6.0? I am documenting the new features in C# 6.0 simply to keep myself up to date and maybe someone else will also benefit.
What is new in C# 5
Creating your own Active STS
The following example uses an active security token service (A-STS) that issues tokens using the WS-Trust standard. The type of STS discussed in this post is called a Active STS OR A-STS, it refers to the client that is actively in control of its own authenticated state. This client will typically have its own login window build into the… Read More »
Self hosting WCF with C#.
I am going to step through a sample that i wrote that shows how easy it is to create a self hosted WCF service in c#. The sample code can be downloaded here and may be used freely.