Brock Allen

Brock Allen

Brock Allen

twitter-icon@BrockLAllen

Biography

Currently Brock is an independent consultant specializing in .NET, web development, and web-based security with 20 years of industry experience. Brock is the co-author of many security related open source frameworks including IdentityServer, IdentityManager, and MembershipReboot. He also frequently posts to the ASP.NET forums, is a MVP for ASP.NET/IIS, a member of ASPInsiders and a contributor to the ASP.NET platform.

Session: Securing Web APIs from JavaScript/SPA Applications

Modern web development means that more and more application code is running in the browser as JavaScript. This architectural shift requires us to change how we perform authentication and authorization. Fortunately, using modern protocols such as OpenID Connect you don’t need to invent your own solution for this new environment. This session will show you the modern approach for browser-based JavaScript applications to authenticate users, and perform secure web api invocations. As you might expect, security is sufficiently complex and so even modern security comes with its own set of challenges. Luckily, we will show off some libraries that help manage this complexity so your application doesn’t have to.

Workshop: A Day of Securing ASP.NET Core Applications and APIs

Modern application design has changed quite a bit in recent years. “Mobile-first” and “cloud-ready” are the types of applications you are expected to develop. Also, to keep pace with these demands, Microsoft has completely revamped their web stack with ASP.NET Core to meet these architectural demands.

Needless to say, you also have to secure these apps.

Multi-platform, multi-client, and highly-mobile users bring a new set of challenges, so the approaches of the past are no longer appropriate for modern applications. This day-long workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.

This workshop covers everything you need to know to build modern and secure web, native & mobile applications. The foundation will be Microsoft’s latest technology stack, but will also include IdentityServer4, which is the officially recommended framework for building token services.

Level: Intermediate

Book your seat