1. Enjoy this blog? My book, ASP.NET Core in Action is available now! Click here to get the 1st chapter free.
2. Creating and trusting a self-signed certificate on Linux for use in Kestrel and ASP.NET Core

   In this post I show how to create a self-signed certificate on Linux. I show how you can trust the certificate, and how to configure Kestrel to use it.…

   October 03, 2017 in ASP.NET Core ASP.NET Core 2.0 Security
3. Creating a validator to check for common passwords in ASP.NET Core Identity

   In this post, I introduce a package for ASP.NET Core Identity that lets you validate a user hasn't used one of the most common 100,000 passwords.…

   July 18, 2017 in ASP.NET Core ASP.NET Core Identity Security .NET Core 2.0 Preview 2
4. Automatically validating anti-forgery tokens in ASP.NET Core with the AutoValidateAntiforgeryTokenAttribute

   This post shows how to apply the AutoValidateAntiforgeryTokenAttribute globally to automatically protect all dangerous action methods from CSRF attacks.…

   June 12, 2017 in ASP.NET Core Security CSRF
5. An introduction to OpenID Connect in ASP.NET Core

   In this post we take a look at the differences between OpenID Connect and OAuth, and how to use Open ID Connect in your ASP.NET Core application.…

   September 03, 2016 in ASP.NET Core Auth Security
6. A look behind the JWT bearer authentication middleware in ASP.NET Core

   In this post, we take a look at the JwtBearerAuthenticationMiddleware, looking at how it is implemented in ASP.NET Core as a means to understanding…

   August 23, 2016 in ASP.NET Core Security Auth Source Code Dive
7. Exploring the cookie authentication middleware in ASP.NET Core

   In this post I go into detail about how AuthenticationMiddleware is implemented in ASP.NET Core, using the CookieAuthenticationMiddleware as a case study.…

   August 07, 2016 in ASP.NET Core Source Code Dive Auth Security