Posts

Showing posts with the label Security

Migrating database from ASP.NET Identity to ASP.NET Core Identity

Image
As you know ASP.NET Core Identity (table structure) is different from what we had earlier in ASP.NET Identity. Actually the identity system which we have today with .NET Core is very mature and continuously evolved be it ASP.NET Membership, ASP.NET Identity 1, ASP.NET Identity 2 and now ASP.NET Core Identity.

Recently I had to migrate few application to ASP.NET Core and similar its identity database. Because the table schema is changed, i had to re-think and create migration script which I would like to share with you today.

It is very simple and easy, just three step and I had everything ready:

STEP 1 : Change name of existing tables
STEP 2 : Create ASP.NET Core Identity tables
STEP 3 : Migrate data from old tables (ASP.NET Identity) to new tables (ASP.NET Core Identity)


Script: https://gist.github.com/itorian/c699e8534b392a6c726ec66c48100072

You should also watch my video, where I demoed migration.


Free SSL Certificate for your website - from CloudFlare

Image
In this video post you will learn about free SSL certificate and its installation. This free SSL certificate is from CloudFlare but due to lack of installation guidelines and step by step we as a developer ignores this. Using CloudFlare SSL is a great advantage because you get other service for free too. Off-course, with paid plans you will get all the gems. Remember this never affects your SEO ranks.

Now, let's begin talking about this free SSL certificate. CloudFlare SSL sits between your user and your hosting server. So any potential attack is taken care by CloudFlare before they reach your server. So your user will see SSL certificate till their request reaches CloudFlare server.

If you already have a website running without SSL and you want to get this, then i would recommend to take a screenshot of your domain NS, CNAME, A, AAAA, MX records before you try this.

If you don't want any downtime, off-course, then steps would be like: whatever settings you have on your domai…

Seeding ASP.NET Identity Database

In this post you will learn how to seed User’s Profile database tables (AspNetUsers and UserProfileInfoes, we created in last post) with dummy data.

Customizing User's Profile to add new fields in brand new database table

Image
In this post you will learn how to customize User’s Profile and add new fields/properties/columns (FirstName, LastName and EmailID) in a brand new table with ASP.NET Identity System.

Customize User's Profile in ASP.NET Identity System

Image
Note: You should read this post instead, I found below walkthrough will not work on ASP.NET Identity 2. I will re-work on this post soon.

In this post you will learn how to customize User’s Profile and add some more fields like FirstName, LastName, EmailID etc with ASP.NET Identity System. In my last post I listed some of the great new features introduced with Identity system.

ASP.NET Identity System in Visual Studio 2013 - New Feature

Image
In this post you will learn about a very new enhancement in ASP.NET Framework technologies (MVC, Web Forms, Web Pages, Web API and SignalR) known as ‘ASP.NET Identity System’ with the release of Visual Studio 2013. This enhancement well defines the meaning of ‘One ASP.NET’, because this can be used with all ASP.NET Framework technologies more easily than before.

Windows Authentication in MVC4 with IIS Express

Image
MVC4 gone through some major changes in Windows Authentication functionality with IIS Express. In this article you will learn how to enable Windows Authentication in MVC4 Web Application on IIS Express, just follow the given steps.

Enable Password Resetting with Simple Membership in MVC 4

Image
In this article you will learn how to enable password resetting (in case user forgot the password) with Simple Membership in MVC. User needs to type his username and system will check its existence, if found correct this will send an email containing dynamically generated URL with username and password reset token.

Output Caching in MVC

Image
In this article you will learn everything about ‘Output Caching in MVC’. I will take you by showing some real examples to make your view crystal clear.

Best way to prevent Cross Site Request Forgery Attacks in MVC 4

Image
In this article you will learn what CSRF is and best way to prevent such attacks. After a quick introduction about CSRF I will show you an example where attacker will change the profile information with one-click.

Avoiding Cross-Site Scripting (XSS) Attacks with AntiXSS in MVC 4

Image
In this article you will learn how to avoid XSS attacks in MVC Application with Microsoft’s AntiXSS library. I will show you a case where user will submit the malicious HTML markup with message and it will start displaying annoying alert. Then I will move on and show you how to prevent it with AntiXSS.

Free eBook - OWASP Top 10 for .NET Developers

Introduction

My one of the techie friend Troy Hunt (Microsoft MVP) got a free eBook titled "OWASP Top 10 for .NET developers" for you. I've gone through this eBook and find it awesome. He really did a great job. I recommend you to read this if you really want to improve your .NET security skills.
The complete eBook has 10 Parts with 255 Pages.
Go here, and download that eBook.

Popular posts from this blog