Author’s Archive: long2know

Home / long2know
245 Posts

OWIN Revisited

posted on April 14, 2015 by in ASP.NET, OWIN, Security, Web

After my previous post regarding Secure Token Services / SSO, I have been diving deeper into OWIN to understand its capabilities further.

As I mentioned, the STS system I devised is still using FormsAuthentcation. As a consequence, the relying applications are also dependent on FormsAuth. Upon further inspection, I found that this is redundant. It turns out that OWIN was doing more than I initially divined. Additionally, from all that I have read, it appears that Microsoft’s vision is to completely supplant, and retire, FormsAuth. This, obviously, could be a point of contention if one ties their authentication system into FormsAuth.

More Link

Technology Choices

posted on April 11, 2015 by in ASP.NET, Web

Earlier this week, an article about technology choices was floating around the office: Choose Boring Technology

The premise of the article focused on technology choices and explained why sticking to tried and true technologies has merit. In my own experience, and in the same week, I find this article to be very relevant and had my own correlating experience.

More Link

Secure Token Services

posted on April 9, 2015 by in ASP.NET, OWIN, Security, Web

For the past week, I’ve been working on creating a Single SignOn (SSO) system with ASP.NET. One joke around the office is that SSO could also stand for Seldom SignOn. Essentially, we want to make securing applications as painless for the user as possible. Along the way, being able to generate secure tokens through a Secure Token Service (STS) seemed advantageous as well.

Interestingly, it still comes back to cookies. Tokenizaiton is only useful for securing API’s. That is to say, attaching an Authorization Header to an API call is straight forward, but it’s not feasible to attach one to a user’s initiated browsing.

More Link

Angular tri-state checkbox

posted on April 7, 2015 by in angular, JavaScript, jsfiddle

angular_small
While working with an Angular application that involved selecting rows in a table with checkboxes, I found that the requirements necessitated having a ‘select all’ checkbox.

Selecting all elements is a common, and usually pretty easy, mechanism to incorporate. But, if you want an indeterminate, or tri, state, for your top-level checkbox selector, it becomes a little more involved.

More Link

User Session Timeout

posted on April 2, 2015 by in angular, ASP.NET, JavaScript, jsfiddle, Web

When I’m online with my banking site, or Pandora, I occasionally get those nice dialogs asking if I’m still around after being idle for a while. Sometimes, I think it’s a nuisance, but it can be a helpful security measure. It can also be beneficial in SPA-type applications.

With SPA’s, the user can perform so many actions in the browser that never make requests of the server. As a result, if we’re using a cookie-based security mechanism that has a short expiration time, they could be effectively logged out and not even know it.

This is a problem.

More Link

Animating and Angular Repeater Finish

posted on March 31, 2015 by in angular, JavaScript, jsfiddle

A few weeks ago, I made this nice little side-bar that allowed a user to click an element and then perform actions on that element. They could also add new elements.

The idea of showing a quick animation for when a new element is animated using Angular’s animation framework sounded easy. However, it turned out to be problematic.

More Link

Advanced Angular Navigation with ui-router

posted on March 30, 2015 by in angular, codepen, JavaScript, jsfiddle, plunker, Web

Optimizing Angular App Bindings

posted on March 29, 2015 by in angular, JavaScript

One of the best features of Angular is also one of its most impactful on performance. That feature is two-way binding.

To achieve two-way binding Angular “watches” for when JavaScript objects change and when the DOM values change during Angular’s digest cycle. It’s not an extremely complex mechanism, conceptually, but it’s very effective.

More Link

Wrapping up Covenant Health Knoxville Marathon Weekend

posted on March 29, 2015 by in Fitness, Health, Running

The Covenant Health Knoxville Marathon / marathon weekend is over for the me and my family.  I think I may have enjoyed the volunteering, and being around friends and family more than running.. But I did get to talk to and see a lot of friends – runners, spectators, and volunteers – on the course. So, it’s a toss up, but having my girls more involved was pretty cool.  They’ve already told me that they enjoyed it.  The Girls on the Run Pasta Party was a very nice treat as well.

More Link

Knoxville Marathon

posted on March 28, 2015 by in Running

The Covenant Health Knoxville Marathon (CHKM) is tomorrow.  This marks two full years that I’ve been running in organized races and the third time that I will participate in this event.

My preparation for the half-marathon has not been quite what I wanted. Pervasive aches and pains have side-lined me for most of March, and at this point I would be extremely lucky to complete the half-marathon in less than two hours. In fact, this may go on record as being one of my worst performances.

More Link