To generate ws-federation metadata for your own STS use the following tool. Federation metadata generation tool on GitHub or you just download a copy of the source here from my site. The tool will not create a federation metdata file for a relying party (RP). To create a federation metadata file for a RP use the XML… Read More »
Recently I had to investigate for a situation where a user would sign into a Google chrome account and a desktop application on the same machine had to somehow pick up the cookie and use it to communicate to web services, very similar to Cross browser \ application SSO.
I am sure many companies are slowly doing the migration from web forms in asp.net to MVC with asp.net core and with that migration comes the need for diagnostics or exception logger. In this article is a very simple example for exception logging.
Memory leak within WCF? So yesterday my team had to trace a possible memory issue within our application. We used the built in memory tools within Visual Studio and identified that the ‘leak’ was within our WCF infrastructure. What was strange was that the problem came from the System.ServiceModel.Channels.BufferManager which is native .net code… So how… Read More »
Bug in RemoveServerHeader attribute for IIS 10+ There is a bug in RemoveServerHeader for IIS 10+ as documented here. I documented the new attribute in IIS 10 here back in March 2018.
Below is a very basic and short example of how to read settings from a JSON configuration file in .Net Core.
I prefer to keep my System directives at the top. Unfortunately the default settings is to sort everything alphabetically. To keep your System directives at the top when sorting the using clauses you can enable the following setting.
This is the #1 thing that I switch on when working on a newly installed Visual Studio. The option “Track Active Item in Solution Explorer” always selects the file you have open in the solution explorer.
The a HTTP module is used when you need to intercept and examine the incoming HTTP requests before or after the page life cycle. The HTTPModule provides events where you can plug into to examine or alter the request or response within the asp.net cycle. HTTPModule are the perfect place the apply security checks.
HTTP headers leak technical information to potential attackers about a system. To harden the security of an application you need to disclose as little information about a system as possible. In this post I will show to remove the Asp.net version from HTTP server header responses.