Claims augmentation with OWIN but outside of Startup code

The claims list included in the ClaimsPrincipal usually originates from the security token received by the application as part of user authentication (SAML, OpenID Connect ID token) or access authorization (OAuth2 bearer access token). However, sometimes there is a need to modify that list with claims derived from other sources: attributes retrieved from custom databases; attributes not initially included…


Discovering AuthorizeAttribute role names

The AuthorizeAttribute is used in ASP.NET code to decorate controller classes and methods which require authorization, e.g. [Authorize(Roles = "admin")] public class HomeController : Controller { Meaning that to call any method in this class, the user needs to have a role claim with the value 'admin'. With many controllers and methods the number of roles used…


ASP.NET WebForms OAuth2 multi-tenant resource and WPF client

Most published WebAPI samples (e.g. http://msdn.microsoft.com/en-us/library/azure/dn646737.aspx) are based on the MVC and OWIN infrastructure, which is not available in WebForms applications. Following is a custom implementation of a handler for OAuth2 access tokens presented by a WPF rich client application. The WPF client is responsible for managing the OAuth code grant flow to obtain the token and present…


OAuth2 with ADFS and WAAD using C#

Overview: The following summarizes the process of creating an end-to-end OAuth2 sample using ADFS 2.1 (or Windows Azure Active Directory). Web site setup: Use the VS.NET 2012 ASP.NET MVC 4 WebAPI project template to set up your server project. Token handling: To process the incoming JWT token, open the global.asax class and add to it the…


Azure: post-deployment updates

Here are some techniques to dynamically modify a running Azure application. They all rely on using blob storage as the source of modifications and presume that the application was originally written to use these changes: 1. New/changed Silverlight applications: You can store your Silverlight xaps in blob storage and reference them from pages served by a…


Dynamic branding for Azure web-roles

Here is an approach to providing ASP.NET server-side customization data post-deployment in Azure. It is particularly applicable to multi-tenant solutions, where individual users may need to be served pages using different master pages, user controls, HTML pages, themes, etc. It is also applicable to a single-tenant solution. The common factor is the ability to provide…
