OpenID Connect: Fetching a Client Credential Token
My work duties have recently grown to include the architecture, installation, configuration, and care and feeding or our brand new single sign on (SSO) server, Ping Identity’s Ping Federate.
MVC: What is Html.AntiForgeryToken and how does it actually work?
The anti-forgery token found in MVC is a way to prevent cross site request forgery (CSRF) attacks. Without going into too much detail, a CSRF attack occurs when a user visits an untrusted site and enters some information that is then posted back to a site to which the user has already authenticated. Protection against this exploit has shipped with MVC since at least version 4 and is very easy to implement.
Preparing Your WebAPI Site To Produce Better Documentation
A WebAPI site produced from the Visual Studio 2013 template comes with an MVC area designed to provide rich help pages. For the most part, this functionality comes for free with the template. However, using the following instructions can help produce a richer help experience for the user by allowing you to use multiple lines in your method descriptions. You are then free to include more information about the method, including expected return codes or additional descriptive text.
Resizing the screen resolution in Ubuntu when you can't see the Apply button
On a normal day I spend most of my time in Windows 7 and Windows 8 doing my job and playing video games. I’m an Apple fanboy, so also have an old Mac (new ones are expensive!). However, I like to experiment with Linux just to see what’s up.
Outlook Has Left The Building
Today I undocked my laptop from my docking station and headed to a meeting. When I arrived, I found that my Outlook had turned into a title bar, looking like this (no, the screenshot is not cut off, that’s what it really looked like):
Entity Framework 6: Specifying a ConnectionString in Code
I’ve been working recently with Entity Framework 6. So far I find it pleasant enough, although not as intuitive (at least for me) as the likes of NHibernate.
Adding Google Authentication with DotNetOpenAuth
Visual Studio 2013 ships with a very nice template to use DotNetOpenAuth for authentication with Google, Twitter, Facebook, and Microsoft. However, it’s a little complicated and comes with a lot of cruft. Rather than having too much in my ASP.NET MVC project, I prefer to start with an empty project and add features as I need them. If you are like me, you can use the following instructions to add Google authentication using DotNetOpenAuth.
Installing the Electric Plum iPhone Simulator in Visual Studio 2013
I’m going to file this under “Late to the Party Again”, but I just learned that Microsoft offers a free version of the Electric Plum iPhone/iPad Simulator through Web Matrix. The version is a lite version, but well worth the free download.
Establishing a Trust Relationship or Trusting Local Certificates
At work, the certificates in our lab environment are signed by a local certificate authority. Additionally, we do not have the lab intermediate certificate authorities on our local workstations. This means that when we call WCF or REST services we sometimes see the following error: