SlideShare a Scribd company logo

End to End Security with MVC and Web API

Download as PPTX, PDF
Michele Leroux Bustamante
Michele Leroux Bustamante

This session discussed the authentication, authorization techniques of today for web and api applications based on ASP.NET MVC and Web API.

Technology
1 of 38
DEVintersection Session AS17 End-to-End Security for Your Web API and MVC Applications Michele Leroux Bustamante michelebusta@solliance.net
Michele Leroux Bustamante Managing Partner Solliance (solliance.net) CEO and Cofounder Snapboard (snapboard.com) Microsoft Regional Director Microsoft MVP Author, Speaker Pluralsight courses on the way! Blog: michelebusta.com michelebusta@solliance.net @michelebusta 2 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Hello World! 1992
Hello World!
Hello World! 2013
WPF Client Windows Phone 8 Windows Phone 7 iPhone Windows 8/Surface Android Mobile Browsers iPad Web API Web API (mobile) (ajax) Web API (business) MVC Web
Things are complicated… So we seek simplicity where we can
WS-Federation WS-ReliableMessaging WS-PolicyAttachment OASIS Web Services Security WS* HELL WSDL WS-Coordination WS-CAF MTOM WS-Transfer WS-Eventing WS-BusinessActivity WS-ResourceTransfer WSRF DIME WS-Addressing SOAP
WS-Federation WS-ReliableMessaging WS-PolicyAttachment OASIS Web Services Security WS* HELL WSDL WS-Coordination WS-CAF MTOM WS-Transfer WS-Eventing WS-BusinessActivity WS-ResourceTransfer WSRF DIME WS-Addressing SOAP
Authentication / Authorization Considerations  Authentication   Windows, username/password, cert WS-Federation, SAML 2.0, OAuth2 w/ OpenID Connect  Token Formats   Windows, Basic SAML 1.1, SAML 2.0, JSON Web Token (JWT), SWT (legacy)  Authorization  Roles, Claims, social scenarios and architecture  Message Protection (TLS / SSL / WS*) 10 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Browsers HTML View JS OK ajax View Controller Web API Controller MVC Web API Controller Web API
Mobile Browsers Devices HTML View JS OK ajax View Controller View/API Controller View View Views MVC
WPF Client OK API Controller Web API
Windows Clients OK Windows Mobile Devices OK Other Clients OK iOS Mobile Android Mobile Devices Devices OK OK API Controller Web API
Wherever possible choose the lowest common denominator
Demo WebSecurity and Claims
POINTS: WebSecurity and Claims  Initialize WebSecurity early  Use ClaimsPrincipal to get all claims (Roles)  Install AuthorizationAttribute as a filter, use AllowAnonymousAttribute  Use AuthorizationAttribute to prevent access by roles  Create utilities to streamline use of claims 17 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Demo Enabling WIF Sessions
POINTS: WIF Sessions  Create a custom SessionAuthenticationModule  Encapsulate cookie write/delete, ClaimsPrincipal create  For Forms redirect, need WebSecurity enabled  Must delete forms cookie + session cookie  Other WIF best practices    Use SSL Server side session cookies (space, load balancing) Shared token cache (replay detection, load balancing) 19 © DEVintersection. All rights reserved. http://www.DEVintersection.com
POINTS: Additional WIF Techniques  ClaimsAuthenticationManager  Transform claims from user authentication into application claims (assumes stored by app)  ClaimsAuthorizationManager   Use with custom AuthorizationAttribute See Thinktecture library  ClaimsPrincipalPermission  DO NOT USE 20 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Demo Calling Web API
POINTS: Web API Calls  Must authenticate calls to Web API  Trusted Subsystem   No need to authenticate the user again Provide a key (Windows, Certificate, signed token)  JWT   New preferred way to send lightweight token Pass user claims relevant to downstream services 22 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Social Login and User Consent  OAuth 2.0   Supports variations of passive and active federation Popular for used for user consent flows where an applications wants access to user information from another applications     Sharing flickr photos Sharing tweets Facebook integration NOT for authentication  Authentication    Twitter Facebook Connect OpenID Connect 23 © DEVintersection. All rights reserved. http://www.DEVintersection.com
User Consent Browser 3 Login Page 11 Requested Information 1 5 4 Authorization Code 6 Client Application 8 Store Tokens 2 Get access token 7 Access + refresh token 9 Authorization Server Request information 10 Requested Information Resource Server
Social Login / Delegated Authorization  Typical choices for B-to-B    Username/password Twitter Linked In  Typical choices for B-to-C     Username/password Twitter Facebook (maybe) Google+  Corporate environments    Windows Username/password Live ID 25 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Registration Options
Create Account
Facebook Registration
Facebook Registration (2)
Twitter Registration
Social Login
Demo Social Login
Login or Register?  Make both available  Make it obvious  Navigation bar is one option 33 © DEVintersection. All rights reserved. http://www.DEVintersection.com
Access Control & Twitter Browser 3 Google 1 6 2 FaceBook Yahoo! Windows Live 5 Access Control Your App Twitter 4 Your STS
Your App & Facebook / Twitter Browser FaceBook Twitter Your App OAuthWebSecurity
Access Control, Social & Azure AD (vision) Browser Google Yahoo! Access Control Your App User Profile Azure AD FaceBook Windows Live Twitter
Identity and Access Management Tools  Windows Azure Active Directory    Sync directories with domain Spin up new directories Connect with other IdP  Thinktecture    Code base for IdP and Authorization Server Fully functional, you own it, you can edit it WS-Fed and OAuth2, SAML2 coming  Auth0   Hosted model, affordable, from small bus to enterprise When you don’t want to own the code, need IdP, Authorization Server/OpenID Connect support 37 © DEVintersection. All rights reserved. http://www.DEVintersection.com
References  Conference resources:  http://michelebusta.com  See my snapboards:   Currently at the alpha site: http://snapboardalpha.cloudapp.net/michelebusta Will move these to snapboard.com/michelebusta when we go live on the main site (SOON watch my blog for announcement)  Contact me:   michelebusta@solliance.net @michelebusta 38 © DEVintersection. All rights reserved. http://www.DEVintersection.com

Recommended

Social Login
Social LoginSocial Login
Social LoginMichele Leroux Bustamante
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...Brian Culver
 
Mobile devices and SharePoint
Mobile devices and SharePointMobile devices and SharePoint
Mobile devices and SharePointmaliksahil
 
SharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageSharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageLiam Cleary [MVP]
 
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and AuthorizationDan Usher
 
Membership Plugins in WordPress
Membership Plugins in WordPressMembership Plugins in WordPress
Membership Plugins in WordPressPeter Baylies
 
2014-04-05 - SPSPhilly - Getting Started with Office 365
2014-04-05 - SPSPhilly - Getting Started with Office 3652014-04-05 - SPSPhilly - Getting Started with Office 365
2014-04-05 - SPSPhilly - Getting Started with Office 365Dan Usher
 
Rp Live@Edu Sso
Rp Live@Edu SsoRp Live@Edu Sso
Rp Live@Edu Ssoremco_ploeg
 

Recommended

Social Login
Social LoginSocial Login
Social LoginMichele Leroux Bustamante
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...Brian Culver
 
Mobile devices and SharePoint
Mobile devices and SharePointMobile devices and SharePoint
Mobile devices and SharePointmaliksahil
 
SharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageSharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageLiam Cleary [MVP]
 
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and AuthorizationDan Usher
 
Membership Plugins in WordPress
Membership Plugins in WordPressMembership Plugins in WordPress
Membership Plugins in WordPressPeter Baylies
 
2014-04-05 - SPSPhilly - Getting Started with Office 365
2014-04-05 - SPSPhilly - Getting Started with Office 3652014-04-05 - SPSPhilly - Getting Started with Office 365
2014-04-05 - SPSPhilly - Getting Started with Office 365Dan Usher
 
Rp Live@Edu Sso
Rp Live@Edu SsoRp Live@Edu Sso
Rp Live@Edu Ssoremco_ploeg
 
Umbraco in 10 minutes
Umbraco in 10 minutesUmbraco in 10 minutes
Umbraco in 10 minutesCraig Bailey
 
Kentico CMS Overview
Kentico CMS OverviewKentico CMS Overview
Kentico CMS OverviewCraig Bailey
 
SharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoSharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoLiam Cleary [MVP]
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...Liam Cleary [MVP]
 
WordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesWordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesDavid Tufts
 
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...Drew Madelung
 
Share followsync
Share followsyncShare followsync
Share followsyncPaul Stork (Microsoft MVP)
 
Joomunited social backlinks
Joomunited social backlinksJoomunited social backlinks
Joomunited social backlinksxavierreiss
 
Architecture of RIA from JAOO
Architecture of RIA from JAOOArchitecture of RIA from JAOO
Architecture of RIA from JAOOJosh Holmes
 
OAuth 1.0
OAuth 1.0OAuth 1.0
OAuth 1.0simonetripodi
 
Google Apps Product Slides 3 29 10
Google Apps Product Slides 3 29 10Google Apps Product Slides 3 29 10
Google Apps Product Slides 3 29 10mmanninghbit
 
Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Everything you need to know about sharing files in SharePoint & OneDrive - SP...Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Everything you need to know about sharing files in SharePoint & OneDrive - SP...Drew Madelung
 
Building solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsBuilding solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsVignesh Ganesan I Microsoft MVP
 
Migration from File servers to M365 Business
Migration from File servers to M365 BusinessMigration from File servers to M365 Business
Migration from File servers to M365 BusinessRobert Crane
 
Governance is Not An Option
Governance is Not An OptionGovernance is Not An Option
Governance is Not An Optionspsnyc
 
Bulding anextraneto365
Bulding anextraneto365Bulding anextraneto365
Bulding anextraneto365Paul Stork (Microsoft MVP)
 
SharePoint as a Web CMS
SharePoint as a Web CMSSharePoint as a Web CMS
SharePoint as a Web CMSCraig Bailey
 
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...Paul Stork (Microsoft MVP)
 
XCC Personalization
XCC PersonalizationXCC Personalization
XCC PersonalizationTIMETOACT GROUP
 
6 types of web application development
6 types of web application development6 types of web application development
6 types of web application developmentClustox
 
201401217 potatotips no12-for_slideshare_english
201401217 potatotips no12-for_slideshare_english201401217 potatotips no12-for_slideshare_english
201401217 potatotips no12-for_slideshare_englishtkawashita
 
Mobile Inception - Web API Security
Mobile Inception - Web API SecurityMobile Inception - Web API Security
Mobile Inception - Web API SecurityMobileInception
 

More Related Content

What's hot

Umbraco in 10 minutes
Umbraco in 10 minutesUmbraco in 10 minutes
Umbraco in 10 minutesCraig Bailey
 
Kentico CMS Overview
Kentico CMS OverviewKentico CMS Overview
Kentico CMS OverviewCraig Bailey
 
SharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoSharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoLiam Cleary [MVP]
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...Liam Cleary [MVP]
 
WordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesWordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesDavid Tufts
 
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...Drew Madelung
 
Joomunited social backlinks
Joomunited social backlinksJoomunited social backlinks
Joomunited social backlinksxavierreiss
 
Architecture of RIA from JAOO
Architecture of RIA from JAOOArchitecture of RIA from JAOO
Architecture of RIA from JAOOJosh Holmes
 
Google Apps Product Slides 3 29 10
Google Apps Product Slides 3 29 10Google Apps Product Slides 3 29 10
Google Apps Product Slides 3 29 10mmanninghbit
 
Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Everything you need to know about sharing files in SharePoint & OneDrive - SP...Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Everything you need to know about sharing files in SharePoint & OneDrive - SP...Drew Madelung
 
Building solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsBuilding solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsVignesh Ganesan I Microsoft MVP
 
Migration from File servers to M365 Business
Migration from File servers to M365 BusinessMigration from File servers to M365 Business
Migration from File servers to M365 BusinessRobert Crane
 
Governance is Not An Option
Governance is Not An OptionGovernance is Not An Option
Governance is Not An Optionspsnyc
 
SharePoint as a Web CMS
SharePoint as a Web CMSSharePoint as a Web CMS
SharePoint as a Web CMSCraig Bailey
 
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...Paul Stork (Microsoft MVP)
 
6 types of web application development
6 types of web application development6 types of web application development
6 types of web application developmentClustox
 

What's hot (20)

Umbraco in 10 minutes
Umbraco in 10 minutesUmbraco in 10 minutes
Umbraco in 10 minutes
 
Kentico CMS Overview
Kentico CMS OverviewKentico CMS Overview
Kentico CMS Overview
 
SharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoSharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San Francisco
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...
 
WordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesWordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the Masses
 
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
30 on Thursday - Your Digitial Workplace: Store, Share & Sync with Microsoft ...
 
Share followsync
Share followsyncShare followsync
Share followsync
 
Joomunited social backlinks
Joomunited social backlinksJoomunited social backlinks
Joomunited social backlinks
 
Architecture of RIA from JAOO
Architecture of RIA from JAOOArchitecture of RIA from JAOO
Architecture of RIA from JAOO
 
OAuth 1.0
OAuth 1.0OAuth 1.0
OAuth 1.0
 
Google Apps Product Slides 3 29 10
Google Apps Product Slides 3 29 10Google Apps Product Slides 3 29 10
Google Apps Product Slides 3 29 10
 
Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Everything you need to know about sharing files in SharePoint & OneDrive - SP...Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Everything you need to know about sharing files in SharePoint & OneDrive - SP...
 
Building solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsBuilding solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and Teams
 
Migration from File servers to M365 Business
Migration from File servers to M365 BusinessMigration from File servers to M365 Business
Migration from File servers to M365 Business
 
Governance is Not An Option
Governance is Not An OptionGovernance is Not An Option
Governance is Not An Option
 
Bulding anextraneto365
Bulding anextraneto365Bulding anextraneto365
Bulding anextraneto365
 
SharePoint as a Web CMS
SharePoint as a Web CMSSharePoint as a Web CMS
SharePoint as a Web CMS
 
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
Share, Follow, and Sync: How SharePoint 2013 uses Personal MySites for Social...
 
XCC Personalization
XCC PersonalizationXCC Personalization
XCC Personalization
 
6 types of web application development
6 types of web application development6 types of web application development
6 types of web application development
 

Viewers also liked

201401217 potatotips no12-for_slideshare_english
201401217 potatotips no12-for_slideshare_english201401217 potatotips no12-for_slideshare_english
201401217 potatotips no12-for_slideshare_englishtkawashita
 
Mobile Inception - Web API Security
Mobile Inception - Web API SecurityMobile Inception - Web API Security
Mobile Inception - Web API SecurityMobileInception
 
Web API Security
Web API SecurityWeb API Security
Web API SecurityStefaan
 
Web Api services using IBM Datapower
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM DatapowerSigortam.net
 
Owin and-katana-overview
Owin and-katana-overviewOwin and-katana-overview
Owin and-katana-overviewsonia merchant
 
ASP.NET MVC Web API -twMVC#8
ASP.NET MVC Web API -twMVC#8ASP.NET MVC Web API -twMVC#8
ASP.NET MVC Web API -twMVC#8twMVC
 
ASP.NET Web API O to 100
ASP.NET Web API O to 100ASP.NET Web API O to 100
ASP.NET Web API O to 100Himanshu Desai
 
Moving forward with ASP.NET Core
Moving forward with ASP.NET CoreMoving forward with ASP.NET Core
Moving forward with ASP.NET CoreEnea Gabriel
 
CA API Gateway: Web API and Application Security
CA API Gateway: Web API and Application SecurityCA API Gateway: Web API and Application Security
CA API Gateway: Web API and Application SecurityCA Technologies
 
Design Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionDesign Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionMichele Leroux Bustamante
 
Tips and Tricks For Faster Asp.NET and MVC Applications
Tips and Tricks For Faster Asp.NET and MVC ApplicationsTips and Tricks For Faster Asp.NET and MVC Applications
Tips and Tricks For Faster Asp.NET and MVC ApplicationsSarvesh Kushwaha
 
Web api crud operations
Web api crud operationsWeb api crud operations
Web api crud operationsEyal Vardi
 
Creating scalable message driven solutions akkadotnet
Creating scalable message driven solutions akkadotnetCreating scalable message driven solutions akkadotnet
Creating scalable message driven solutions akkadotnetDavid Hoerster
 
Compatibility testing
Compatibility testingCompatibility testing
Compatibility testingAnkit Gujjar
 
ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiTiago Knoch
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 

Viewers also liked (20)

201401217 potatotips no12-for_slideshare_english
201401217 potatotips no12-for_slideshare_english201401217 potatotips no12-for_slideshare_english
201401217 potatotips no12-for_slideshare_english
 
Mobile Inception - Web API Security
Mobile Inception - Web API SecurityMobile Inception - Web API Security
Mobile Inception - Web API Security
 
Web API Security
Web API SecurityWeb API Security
Web API Security
 
Web Api services using IBM Datapower
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM Datapower
 
Owin and-katana-overview
Owin and-katana-overviewOwin and-katana-overview
Owin and-katana-overview
 
The Future of ASP.NET
The Future of ASP.NETThe Future of ASP.NET
The Future of ASP.NET
 
Owin e katana
Owin e katanaOwin e katana
Owin e katana
 
ASP.NET MVC Web API -twMVC#8
ASP.NET MVC Web API -twMVC#8ASP.NET MVC Web API -twMVC#8
ASP.NET MVC Web API -twMVC#8
 
ASP.NET Web API O to 100
ASP.NET Web API O to 100ASP.NET Web API O to 100
ASP.NET Web API O to 100
 
Moving forward with ASP.NET Core
Moving forward with ASP.NET CoreMoving forward with ASP.NET Core
Moving forward with ASP.NET Core
 
CA API Gateway: Web API and Application Security
CA API Gateway: Web API and Application SecurityCA API Gateway: Web API and Application Security
CA API Gateway: Web API and Application Security
 
Design Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionDesign Practices for a Secure Azure Solution
Design Practices for a Secure Azure Solution
 
Tips and Tricks For Faster Asp.NET and MVC Applications
Tips and Tricks For Faster Asp.NET and MVC ApplicationsTips and Tricks For Faster Asp.NET and MVC Applications
Tips and Tricks For Faster Asp.NET and MVC Applications
 
Web api crud operations
Web api crud operationsWeb api crud operations
Web api crud operations
 
Creating scalable message driven solutions akkadotnet
Creating scalable message driven solutions akkadotnetCreating scalable message driven solutions akkadotnet
Creating scalable message driven solutions akkadotnet
 
Compatibility testing
Compatibility testingCompatibility testing
Compatibility testing
 
Middlewares ASP.NET
Middlewares ASP.NETMiddlewares ASP.NET
Middlewares ASP.NET
 
ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web api
 
Compatibility testing
Compatibility testingCompatibility testing
Compatibility testing
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
 

Similar to End to End Security with MVC and Web API

Introduction to the Windows Live Platform
Introduction to the Windows Live PlatformIntroduction to the Windows Live Platform
Introduction to the Windows Live PlatformClint Edmonson
 
CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3
CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3
CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3Peter de Haas
 
OAuth in the Real World featuring Webshell
OAuth in the Real World featuring WebshellOAuth in the Real World featuring Webshell
OAuth in the Real World featuring WebshellCA API Management
 
Web Contact System Overview - Cisco Integration
Web Contact System Overview - Cisco IntegrationWeb Contact System Overview - Cisco Integration
Web Contact System Overview - Cisco IntegrationSandro Parisi
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...CoLaboraDK
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Peter Selch Dahl
 
Web 2.0 Tech Talk
Web 2.0 Tech TalkWeb 2.0 Tech Talk
Web 2.0 Tech Talkpooyad
 
Authentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsAuthentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsSalesforce Developers
 
Service Oriented UI Architecture in the world of web, desktop, & mobile appli...
Service Oriented UI Architecture in the world of web, desktop, & mobile appli...Service Oriented UI Architecture in the world of web, desktop, & mobile appli...
Service Oriented UI Architecture in the world of web, desktop, & mobile appli...Axway Appcelerator
 
SD Forum Java SIG - Service Oriented UI Architecture
SD Forum Java SIG - Service Oriented UI ArchitectureSD Forum Java SIG - Service Oriented UI Architecture
SD Forum Java SIG - Service Oriented UI ArchitectureJeff Haynie
 
Lixsql port enterprise integration
Lixsql port enterprise integrationLixsql port enterprise integration
Lixsql port enterprise integrationSandro Pereira
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsShailen Sukul
 
SharePoint in the Extranet Joel Oleson
SharePoint in the Extranet Joel OlesonSharePoint in the Extranet Joel Oleson
SharePoint in the Extranet Joel Olesonwebhostingguy
 
Ws08 R2 Itpro Session 2 Technical Overview Part2
Ws08 R2 Itpro Session 2 Technical Overview Part2Ws08 R2 Itpro Session 2 Technical Overview Part2
Ws08 R2 Itpro Session 2 Technical Overview Part2chenley
 
Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...
Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...
Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...varien
 
Cloud 12 08 V2
Cloud 12 08 V2Cloud 12 08 V2
Cloud 12 08 V2Pini Cohen
 
API, Integration, and SOA Convergence
API, Integration, and SOA ConvergenceAPI, Integration, and SOA Convergence
API, Integration, and SOA ConvergenceKasun Indrasiri
 
Exchange Server 2013 and SharePoint Server 2013 Integration
Exchange Server 2013 and SharePoint Server 2013 IntegrationExchange Server 2013 and SharePoint Server 2013 Integration
Exchange Server 2013 and SharePoint Server 2013 IntegrationSharePoint Saturday New Jersey
 

Similar to End to End Security with MVC and Web API (20)

Introduction to the Windows Live Platform
Introduction to the Windows Live PlatformIntroduction to the Windows Live Platform
Introduction to the Windows Live Platform
 
CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3
CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3
CoNGNes 2009 - Microsoft BPOS - 22-01-2009 - Final - PPT2K3
 
OAuth in the Real World featuring Webshell
OAuth in the Real World featuring WebshellOAuth in the Real World featuring Webshell
OAuth in the Real World featuring Webshell
 
Web Contact System Overview - Cisco Integration
Web Contact System Overview - Cisco IntegrationWeb Contact System Overview - Cisco Integration
Web Contact System Overview - Cisco Integration
 
ad.ppt
ad.pptad.ppt
ad.ppt
 
Ad.Ppt
Ad.PptAd.Ppt
Ad.Ppt
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
 
Web 2.0 Tech Talk
Web 2.0 Tech TalkWeb 2.0 Tech Talk
Web 2.0 Tech Talk
 
Authentication with OAuth and Connected Apps
Authentication with OAuth and Connected AppsAuthentication with OAuth and Connected Apps
Authentication with OAuth and Connected Apps
 
Service Oriented UI Architecture in the world of web, desktop, & mobile appli...
Service Oriented UI Architecture in the world of web, desktop, & mobile appli...Service Oriented UI Architecture in the world of web, desktop, & mobile appli...
Service Oriented UI Architecture in the world of web, desktop, & mobile appli...
 
SD Forum Java SIG - Service Oriented UI Architecture
SD Forum Java SIG - Service Oriented UI ArchitectureSD Forum Java SIG - Service Oriented UI Architecture
SD Forum Java SIG - Service Oriented UI Architecture
 
Lixsql port enterprise integration
Lixsql port enterprise integrationLixsql port enterprise integration
Lixsql port enterprise integration
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning Models
 
SharePoint in the Extranet Joel Oleson
SharePoint in the Extranet Joel OlesonSharePoint in the Extranet Joel Oleson
SharePoint in the Extranet Joel Oleson
 
Ws08 R2 Itpro Session 2 Technical Overview Part2
Ws08 R2 Itpro Session 2 Technical Overview Part2Ws08 R2 Itpro Session 2 Technical Overview Part2
Ws08 R2 Itpro Session 2 Technical Overview Part2
 
Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...
Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...
Magento Imgine eCommerce Conference February 2011: Mashup of Magento and Sale...
 
Cloud 12 08 V2
Cloud 12 08 V2Cloud 12 08 V2
Cloud 12 08 V2
 
API, Integration, and SOA Convergence
API, Integration, and SOA ConvergenceAPI, Integration, and SOA Convergence
API, Integration, and SOA Convergence
 
Exchange Server 2013 and SharePoint Server 2013 Integration
Exchange Server 2013 and SharePoint Server 2013 IntegrationExchange Server 2013 and SharePoint Server 2013 Integration
Exchange Server 2013 and SharePoint Server 2013 Integration
 

More from Michele Leroux Bustamante

.NET Developer Days - Launching Patterns for Containers
.NET Developer Days - Launching Patterns for Containers.NET Developer Days - Launching Patterns for Containers
.NET Developer Days - Launching Patterns for ContainersMichele Leroux Bustamante
 
.NET Developer Days - So many Docker platforms, so little time...
.NET Developer Days - So many Docker platforms, so little time....NET Developer Days - So many Docker platforms, so little time...
.NET Developer Days - So many Docker platforms, so little time...Michele Leroux Bustamante
 
The Ultimate Logging Architecture - You KNOW you want it!
The Ultimate Logging Architecture - You KNOW you want it!The Ultimate Logging Architecture - You KNOW you want it!
The Ultimate Logging Architecture - You KNOW you want it!Michele Leroux Bustamante
 
Unleash Your Inner Startup (Sweden, Dev Sum)
Unleash Your Inner Startup (Sweden, Dev Sum)Unleash Your Inner Startup (Sweden, Dev Sum)
Unleash Your Inner Startup (Sweden, Dev Sum)Michele Leroux Bustamante
 
Pricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldPricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldMichele Leroux Bustamante
 

More from Michele Leroux Bustamante (16)

So Many Docker Platforms...so little time
So Many Docker Platforms...so little timeSo Many Docker Platforms...so little time
So Many Docker Platforms...so little time
 
Surviving Microservices - v2
Surviving Microservices - v2Surviving Microservices - v2
Surviving Microservices - v2
 
.NET Developer Days - Launching Patterns for Containers
.NET Developer Days - Launching Patterns for Containers.NET Developer Days - Launching Patterns for Containers
.NET Developer Days - Launching Patterns for Containers
 
.NET Developer Days - So many Docker platforms, so little time...
.NET Developer Days - So many Docker platforms, so little time....NET Developer Days - So many Docker platforms, so little time...
.NET Developer Days - So many Docker platforms, so little time...
 
The Ultimate Logging Architecture - You KNOW you want it!
The Ultimate Logging Architecture - You KNOW you want it!The Ultimate Logging Architecture - You KNOW you want it!
The Ultimate Logging Architecture - You KNOW you want it!
 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social Login
 
Unleash Your Inner Startup (Sweden, Dev Sum)
Unleash Your Inner Startup (Sweden, Dev Sum)Unleash Your Inner Startup (Sweden, Dev Sum)
Unleash Your Inner Startup (Sweden, Dev Sum)
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
 
Security Avalanche
Security AvalancheSecurity Avalanche
Security Avalanche
 
Surviving the Azure Avalanche
Surviving the Azure AvalancheSurviving the Azure Avalanche
Surviving the Azure Avalanche
 
DevOps for Azure
DevOps for AzureDevOps for Azure
DevOps for Azure
 
Windows Azure Essentials V3
Windows Azure Essentials V3Windows Azure Essentials V3
Windows Azure Essentials V3
 
Channel Your Inner Startup and Go For It!
Channel Your Inner Startup and Go For It!Channel Your Inner Startup and Go For It!
Channel Your Inner Startup and Go For It!
 
Global Windows Azure Bootcamp - San Diego
Global Windows Azure Bootcamp - San DiegoGlobal Windows Azure Bootcamp - San Diego
Global Windows Azure Bootcamp - San Diego
 
Windows Azure Essentials
Windows Azure EssentialsWindows Azure Essentials
Windows Azure Essentials
 
Pricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric WorldPricing and Revenue Projection in a Cloud-Centric World
Pricing and Revenue Projection in a Cloud-Centric World
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

End to End Security with MVC and Web API