Web API 2 security extensibility points part 4: custom authorisation filters

Introduction

In the previous post we built a custom HTTP message handler for our demo Web API 2 application. We saw how a registered message handler intercepts all calls to your API before authentication filters are executed. We also wrote a couple of examples where we checked for the presence of a custom header and of an authorisation header. We finally showed how to set the principal for the current HTTP call.

In this post we’ll see another way you can intercept the calls to your API. Authorisation filters are executed after authentication filters and before your controller action methods. That is the last stage where you can add your custom auth-related logic.

Read more of this post

Using a thread-safe dictionary in .NET C# Part 2: CRUD operations

In the previous post we briefly introduced the ConcurrentDictionary object. We said that it was the thread-safe counterpart of the standard Dictionary object. The Dictionary object is not suited as a shared resource in multi-threaded scenarios as you can never be sure if another thread has added to or removed an element from the dictionary just milliseconds earlier. A ConcurrentDictionary is a good option to cure the shortcomings of the thread-sensitive Dictionary object but it is also more difficult to use.

We’ll briefly look at the 4 Try methods that enable you to insert, remove, update and lookup elements in the ConcurrentDictionary.

Read more of this post

Using a thread-safe dictionary in .NET C# Part 1: introduction

In this post we saw how to use the thread-safe counterpart of the Queue object, i.e. the ConcurrentQueue of T. The standard Dictionary class also has a thread-safe counterpart and it’s called ConcurrentDictionary which resides int the System.Collections.Concurrent namespace.

The ConcurrentDictionary is definitely a dictionary type but it can mimic other collection types if you need a thread-safe collection that doesn’t have a built-in concurrent counterpart such as a List. ConcurrentDictionary is more difficult to use than a standard dictionary so its usage cannot really be summarised in a single short post. Therefore we’ll go through the basics in a mini-series instead.

It implements the IDictionary interface just like Dictionary but some methods are hidden:

Read more of this post

Web API 2 security extensibility points part 3: custom message handlers

Introduction

In the previous post we looked at how to implement your own custom authentication filter. Authentication filters – and filters of type IFilter in general – are executed just before your controller action methods are run. We saw how to implement the IAuthenticationFilter interface and how to apply the custom filter both as an attribute and as a global filter.

In this post we’ll look at HTTP message handlers and specifically how to add your own message handler. Message handlers are executed even before any custom filter so they provide an early entry point into the life cycle of a web application. There’s nothing stopping us from adding an initial security check or a full-blown login mechanism already at that stage. We can check e.g. if a mandatory custom header has been provided and reject all incoming HTTP calls that don’t fulfil this requirement up front.

Read more of this post

Python language basics 33: variable shadowing and the ‘global’ keyword

Introduction

In the previous post we looked at positional and keyword arguments in a function. We saw how positional arguments were matched up with the arguments in the function signature. We also discussed how keyword arguments could make your code cleaner by explicitly providing the argument names in a function call.

In this post we’ll look at how a variable declared within a function can overshadow another variable declared outside of it.

Read more of this post

Python language basics 32: positional and keyword arguments in a function

Introduction

In the previous post we discussed how to provide optional arguments to a function. We saw how easy it was to assign a default value to a function argument using the assignment operator ‘=’. The caller could optionally ignore those arguments so that the default ones would be used within the function body. Alternatively the caller could override the defaults and provide its own argument values.

In this post we’ll look at another feature related to function arguments: positional and keyword arguments.

Read more of this post

Implementing an enumerator for a custom object in .NET C#

You can create an enumerator for a custom type by implementing the generic IEnumerable of T interface. Normally you’d do that if you want to create a custom collection that others will be able to iterate over using foreach. However, there’s nothing stopping you from adding an enumerator to any custom type if you feel like it, it’s really simple.

Consider the following Guest class:

public class Guest
{
	public string Name { get; set; }
	public int Age { get; set; }
}

Guests can be invited to a Party:

Read more of this post

ultimatemindsettoday

A great WordPress.com site

iReadable { }

.NET Tips & Tricks

Robin Sedlaczek's Blog

Love to use Microsoft Technologies

HarsH ReaLiTy

My goal with this blog is to offend everyone in the world at least once with my words… so no one has a reason to have a heightened sense of themselves. We are all ignorant, we are all found wanting, we are all bad people sometimes.

Ricos Blog zu Softwaredesign- und architektur

Ideen und Gedanken rund um Softwaredesign und -architektur, Domain-Driven Design, C# und Windows Azure

the software architecture

thoughts, ideas, diagrams,enterprise code, design pattern , solution designs

Technology Talks

on Microsoft technologies, Web, Android and others

Software Engineering

.NET, SQL and Mobile

Disparate Opinions

Various tidbits

chsakell's Blog

Anything around ASP.NET (WebForms / MVC), WCF, Web API & C#

Cyber Matters

Bite-size insight on Cyber Security for the not too technical.

Guru N Guns's

OneSolution To dOTnET.

Johnny Zraiby

Measuring programming progress by lines of code is like measuring aircraft building progress by weight.

Follow

Get every new post delivered to your Inbox.

Join 734 other followers

%d bloggers like this: