Author name: Tore Nestenius

Tore is an independent educator and consultant through his company TN-Datakonsult http://www.tn-data.se, where he specializes in training developers in .NET, Web Security, OpenID-Connect, architecture, and more. Tore regularly shares his knowledge about .NET on his blog https://nestenius.se, focusing on security and authentication.

Deploy a container to Azure App Services using Azure CLI and user-assigned managed identity

Deploy containers Azure App Services using user-assigned managed identity

This blog post describes my approach to successfully deploying a custom container image to Azure App Services from a private container registry, using a user-assigned managed identity and the Azure CLI. This blog post will cover how to do this using a user-assigned managed identity, and a separate future post will cover how to do […]

Deploy containers Azure App Services using user-assigned managed identity Read More »

Discovering .NET codebases using code coverage and NCrunch

Discovering .NET codebases using code coverage and NCrunch

Exploring and discovering unfamiliar codebases is always a challenge. In this blog post, I will introduce a novel way to explore a new codebase by looking at the code coverage using NCrunch.NET. Background As a developer, you’re often challenged to understand new libraries; you ask: ‘how does it work’, ‘what makes it tick?’, what parts

Discovering .NET codebases using code coverage and NCrunch Read More »

Persisting the ASP.NET Core Data Protection Key Ring in Azure Key Vault

The Data Protection API (DPAPI) is an essential service in ASP.NET Core that is often overlooked. This post will give an overview of what it does and how we can store its encryption keys in Azure Key Vault. The API’s main purpose is to encrypt and decrypt data. For example, it is used to: Protect

Persisting the ASP.NET Core Data Protection Key Ring in Azure Key Vault Read More »

In the world of web application security, OpenID Connect plays a key role in streamlining authentication processes. But what makes it really tick? In this blog post, we dive deep into two critical security features of OpenID Connect – the state and nonce parameters – and how they are used in ASP.NET Core.

Demystifying OpenID Connect’s State and Nonce Parameters in ASP.NET Core

In the world of web application security, OpenID Connect plays a key role in streamlining authentication processes. But what makes it really tick? In this blog post, we dive deep into two critical security features of OpenID Connect – the state and nonce parameters – and how they are used in ASP.NET Core. This simplified

Demystifying OpenID Connect’s State and Nonce Parameters in ASP.NET Core Read More »

ASP.NET Core issues several cookies, including authentication, antiforgery, and session cookies. This blog post will explore what these cookies contain and how they are protected.

Exploring what is inside the ASP.NET Core cookies

ASP.NET Core issues several cookies, including authentication, antiforgery, and session cookies. This blog post will explore what these cookies contain and how they are protected. Protecting the cookies The content of these cookies is protected through a combination of encryption and signing mechanisms. These protective measures ensure the confidentiality and integrity of the information stored

Exploring what is inside the ASP.NET Core cookies Read More »

I have answered over 1000 questions on Stack Overflow, and cookies are a common source of trouble for developers, especially when working with authentication and OpenID Connect in ASP.NET Core.

Debugging cookie problems in ASP.NET Core

Troubleshooting cookie problems in ASP.NET Core I have answered over 1000 questions on Stack Overflow, and cookies are a common source of trouble for developers, especially when working with authentication and OpenID Connect in ASP.NET Core.   Cookie problems can, in my experience, be categorized into the following categories: Browser RejectionCookies provided by the server that

Debugging cookie problems in ASP.NET Core Read More »