Author name: Tore Nestenius

Tore is an independent educator and consultant through his company TN-Datakonsult http://www.tn-data.se, where he specializes in training developers in .NET, Web Security, OpenID-Connect, architecture, and more. Tore regularly shares his knowledge about .NET on his blog https://live-nestenius.demowpsites2.com, focusing on security and authentication.

BFF in ASP.NET Core #7 - Introducing the Duende BFF Library

BFF in ASP.NET Core #7 – Introducing the Duende BFF Library

In the previous blog posts in this series, we built our own Backend-for-Frontend (BFF) implementation in ASP.NET Core from scratch. Now, you might be wondering about how much effort it would take to replace our custom solution with the Duende BFF Security Framework? In this post, we’ll walk through that migration process and see just […]

BFF in ASP.NET Core #7 – Introducing the Duende BFF Library Read More »

BFF in ASP.NET Core #6 - Securing our BFF with CORS

BFF in ASP.NET Core #6 – Securing our BFF with CORS

In this post, we take the next step in securing our Backend-for-Frontend (BFF) by adding robust Cross-Origin Resource Sharing (CORS) protection. CORS is essential for defending against a range of cross-origin attacks, and implementing it correctly is crucial for any application that handles sensitive data. We’ll explore the types of attacks that CORS helps prevent,

BFF in ASP.NET Core #6 – Securing our BFF with CORS Read More »

BFF in ASP.NET Core #4 - Implementing a BFF from scratch

BFF in ASP.NET Core #4 – Implementing a BFF from scratch

In this blog post, we’ll implement a minimal yet complete Backend-for-Frontend (BFF) in ASP.NET Core. By starting with a simple foundation and adding features incrementally, you’ll learn not just how to build a BFF, but why each component matters for securing modern web applications. This is a big topic, so I’ve split it into multiple

BFF in ASP.NET Core #4 – Implementing a BFF from scratch Read More »

BFF in ASP.NET Core #3 - The BFF Pattern Explained

BFF in ASP.NET Core #3 – The BFF Pattern Explained

The BFF pattern eliminates many SPA security risks, but it introduces a new critical component: the session cookie. This cookie becomes the key to your user’s authentication. If it’s not properly secured, you’ve simply moved the vulnerability from JavaScript tokens to HTTP cookies. This post shows you how to properly secure the session cookie using

BFF in ASP.NET Core #3 – The BFF Pattern Explained Read More »

BFF in ASP.NET Core #2 – The BFF Pattern Explained

How do you secure a Single-Page Application without storing tokens in the browser? The answer lies in the Backend-for-Frontend (BFF) pattern. This architectural approach shifts authentication complexity to the backend, keeping your frontend simple and secure. Let’s explore how it works and why it’s become the gold standard for SPA security. This is a big

BFF in ASP.NET Core #2 – The BFF Pattern Explained Read More »

Implementing BFF Pattern in ASP.NET Core for SPAs

This multi-part blog series will show you how to implement secure authentication for Single-Page Applications using the Backend-for-Frontend (BFF) pattern with ASP.NET Core. We’ll explore why handling OpenID Connect directly in SPAs creates security risks, then build a complete BFF implementation that eliminates browser token storage and follows OAuth 2.0 best practices. In short, it

Implementing BFF Pattern in ASP.NET Core for SPAs Read More »

Exploring the Forwarded Headers Middleware in ASP.NET Core

Exploring the Forwarded Headers Middleware in ASP.NET Core

Proxies are vital for load balancing and security, but they obscure the actual client IP, scheme, and domain, causing broken links, inaccurate logging, and other headaches. In this post, we’ll look at how ASP.NET Core’s Forwarded Headers Middleware restores these details so your services behave as though they’re directly on the public internet. What is

Exploring the Forwarded Headers Middleware in ASP.NET Core Read More »