In the past, I leveraged the open-source Identity Server version 4 (Read about my experience with it here). But recently, Identity Server has become proprietary, offering price plans that are not always seen as favorable. Especially if a company wants to support on premise instances of the app as opposed to SAAS. That means a …
Security
How to use ConfigBuilders for User Secrets Management in Asp.Net MVC 5
When it comes to storing our app secrets, Asp.Net Core has a built-in mechanism to do that out of the box. But this is not the case for Asp.Net MVC 5. For MVC 5, we need to install custom configBuilders packages in order to be able to have the same functionality. There are many other …
Application Secret Management: How to Implement a Good Secret Management Strategy
Sometimes bad things just happen, or perhaps they happen because of our neglect. Bad things like committing an application secret into our repository. The problem with doing that is that if that happens, deleting the secret and committing will not suffice. We need to purge that commit completely from our repository and its history. But …