Cookie size and cookie authentication in ASP.NET Core

When I was writing a web application with ASP.NET Core with Azure AD and Microsoft Graph, I ran into a very interesting issue – the identity cookies would get really large (8 kB or more in chunked authentication cookies) and therefore all the requests to the site would contain this much data in headers. This was bearable because it just “worked” but then I tried accessing the site from Safari on a MacBook or an iPhone and the server would return errors when trying to rebuild the user’s identity.

Tracking currently signed-in user in Application Insights

Whenever you are collecting data with Application Insights, it might be handy to have the ability to filter the telemetry based on the currently signed-in user. The documentation is quite confusing about it, so I decided to write an article and clear it up.

Forcing reauthentication with Azure AD

While working on a project, I stumbled upon an interesting issue – how to force the user to reauthenticate in an application – for example when accessing some sensitive information? While it may seem quite straightforward from the documentation of Azure AD, it is not that simple, and if you are using prompt=login to reauthenticate the user, I strongly suggest you read on.

To single sign out or not to?

When building a Line Of Business (LOB) application, you are usually better off implementing the customer’s current Identity Provider (IdP), which could be ADFS, Azure AD or some others. The benefits are clear – users use a single account for all the services, authenticate through a central point, can be more protected by conditional access policies and, as a great benefit, you can leverage the existing data through Microsoft Graph, for example. So while it is obvious why to use Single Sign On in your application, a somewhat less discussed topic is Single Sign Out (SLO).

Deploying ASP.NET Core along with a WebJob to App Service

Recently I have been working on a project in ASP.NET Core and DotVVM accompanied by a WebJob using Azure WebJob SDK. The idea behind publishing was that whenever I push code to the repository (VSTS in my case), App Service would pull the code, build it and deploy it automatically (this is achieved by setting up Continuous Deployment). This method works just great for an ASP.NET Core application; however, when accompanied by a WebJob, things weren’t as smooth as I was expecting them to be.

Building custom Docker images for use in App Service on Linux

If you have been watching Connect(); or if you read the Azure blog, you should be aware by now that Azure has recently introduced a pretty cool service called App Service on Linux. It is probably also not going to be a surprise to you if I tell you that it is being powered by Docker. And that is not the only great thing about it – you can also bring your own Docker image into App Service on Linux!

Configuring curl.cainfo in PHP on Azure App Service

cURL is one of the most common ways to make HTTP requests from PHP code. When you make regular http:// calls everything is alright, but when you decide to go with https://, you need to configure a few things on App Service manually for it to work correctly.
