Posts Tagged ‘ASP.NET MVC 4’

Integrating ASP.NET MVC authentication with SiteMinder SSO

SiteMinder is an enterprise-class secure single sign-on solution by CA (Computer Associates) which is employed by many large companies to secure their intranet access and provide single sign-on functionality to various intranet applications.  SiteMinder has a broad support for different application frameworks which is making possible to use in heterogeneous enterprise environment. For example, when […]

Gracefully handle MVC login session expiration in javascript

If your web application is built using ASP.NET MVC stack and it requires user authentication and authorization to access a certain parts of the application (or application as a whole), then the chances are that you using [Authorize] controller attribute. This attribute could be applied to controller as a whole or to any of the […]

ASP.NET MVC anti-forgery token demystified – part 3: AJAX

This blog post is third and final in series about MVC anti-forgery (CSRF) token. Part 1. Part 2.As we talked about it earlier, MVC have a great built-in functionality for securing form posts with anti-forgery tokens and it’s even possible make it work across multiple web applications. However, these days modern web applications tend to […]

ASP.NET MVC anti-forgery token demystified – part 2: inside

In the previous installment of this post series I talked about CSRF attack and how to prevent it using ASP.NET MVC built in components. Today I want to dive deeper into the framework code and show you what’s under the hood to anti-forgery token implementation in MVC. Some time ago Microsoft took a huge step […]

Localizing Static Words in ASP.NET MVC Routing

Routing requests to actions within controllers is the backbone of any ASP.NET MVC web application.  Being able to define different routes by using static words, such as “Products” or “Search”, enables search engine optimized and user friendly URLs.  However, recently I was asked to localize those static words to maintain consistency in the way URLs […]