ASP.NET vNext Middleware for Hawk Authentication – An Experiment

Thinktecture Identity model has support for Eran Hammer’s Hawk authentication in the form of OWIN middleware. With ASP.NET vNext introducing a new but very similar middleware concept (changes only on the API surface and OWIN middleware can be used as-is in ASP.NET VNext apps), I took the opportunity to completely rewrite the middleware. As ASP.NET vNext is being actively developed, there could be changes and this middleware will change to react to those changes. Hence, at this point, this middleware is just for review only. Since Linus had said “Talk is cheap. Show me the code.”, I keep this blog post very short and just link to github. Your feedback is welcome.

A Simple ASP.NET vNext MVC Application without Visual Studio 2014 Part 1

There are already posts out there explaining how to setup ASP.NET vNext. The first and the foremost source, ASP.NET vNext Home in Github has all the steps clearly documented. Then, there is a ton of videos and good stuff out there. The objective of this post is to show the steps involved in setting up ASP.NET vNext and create a “complete” MVC application (remember MVC in vNext means MVC + Web API). Of course, we will not need to install VS 2014 but I don’t think it will be practical to do any serious development without VS. But then, just to get a taste of what vNext is, it is okay. Here are the steps (Windows only).

Continue reading

Barebones ASP.NET MVC Google Signin through OWIN Middleware

If you use Visual Studio and want to add Google sign-in to your ASP.NET MVC app by using an out of box template, you get code that uses ASP.NET identity and three Katana authentication middleware: (1) the cookie authentication middleware running in active mode, (2) another instance of cookie authentication middleware but running in passive mode, and (3) Google authentication middleware. That will be like so.
Continue reading

Event Tracing for Windows (ETW), ETL file and Tracerpt

Event Tracing for Windows (ETW) is cool. There is nothing like it, for instrumenting your app. ETW is interesting because at this time, it is not easy to find your way around. There is an excellent Pluralsight course by Kathleen Dollard and several blog posts and videos by Vance Morrison. .NET 4.5 has made ETW so easy. All you need to do is to create a custom event source by inheriting from the System.Diagnostics.Tracing.EventSource class. You can use the PerfView tool or logman command to start and stop a session and create an ETL file. ETL file is binary and contains pretty much all the info one would ever need but then getting the info out is not an easy task.
Continue reading

Basic Authentication with ASP.NET Web API Using Authentication Filter

Authorization filters and action filters have been around for a while in ASP.NET Web API but there is this new authentication filter introduced in Web API 2. Authentication filters have their own place in the ASP.NET Web API pipeline like other filters. Historically, authorization filters have been used to implement authentication and there is ton of samples out there with all kinds of authentication implemented in authorization filters. Web API 2 introduces the authentication filter so that authentication concerns can be separated out of authorization filter and put into an authentication filter.
Continue reading