SDD 2017 Schedule
This is a rating on a scale from 1 to 5 to indicate how much demo coding the session will contain (as opposed to slides) – 1 means no code demos, and 5 means nothing but.
This is a rating on a scale from 1 to 5 to indicate how advanced the session is (in terms of the specific topic that is being covered) – 1 means that it’s introductory, and 5 means that it’s aimed at attendees who already have significant experience in the relevant area.
Tuesday 16 May 2017
Implementing authorization in web applications and APIs
Authentication is easy – authorization is the hard part. This might sound daunting, but since every application is different, there is no single recipe for how authorization has to work. Dominick walks you through a couple of approaches and pitfalls and uses the new ASP.NET Core authorization API (which has been back-ported to standard .NET) as an example of a decent abstraction layer for clean authorization for your applications. But we will also learn that that regardless of your approach, there is no one size that fits all – that’s why it important to understand your options.
Dominick is an independent consultant specializing in identity and access control. He helps companies around the world designing and implementing authentication and authorization for their distributed web and native applications. He’s co-author of the popular OpenID Connect & OAuth 2.0 framework called IdentityServer (http://identityserver.io), has written a couple of books, blogs at http://leastprivilege.com and tweets as @leastprivilege.
Other presentations by Dominick Baier
Mon 15 May 2017 at 9:30
Tue 16 May 2017 at 14:00
Wed 17 May 2017 at 16:00