Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dominik Pinter, dominikp@kentico.com CMS.IO, Authentication Dominik Pinter, dominikp@kentico.com.

Published byIra Harris Modified over 6 years ago

Similar presentations

Presentation on theme: "Dominik Pinter, dominikp@kentico.com CMS.IO, Authentication Dominik Pinter, dominikp@kentico.com."— Presentation transcript:

1 Dominik Pinter, dominikp@kentico.com
CMS.IO, Authentication Dominik Pinter,

2 Agenda CMS.IO: Implementation details Pitfalls Authentication:
HTTP basic authentication ASP.NET Forms authentication OAuth

3 CMS.IO implementation details
How to start? Provider registration REST API vs. Client SDK vs. Own wrapper Recommended object model Storage features and characteristics Root directory object Flat structure Default properties Shared storage between servers Recommended object model - ukazat

4 CMS.IO – Writing a provider - pitfalls
Authentication and authorization How to create directory? Where to store file metadata? Datacenter time zone What to do if File does not exist? (AKA System.IO related stuff) Connection to storage service is lost? (AKA storage related stuff)

5 CMS.IO - demos Provider registration Working with CMS.IO
File creation/deletion Directory creation/deletion Web.config -> Amazon registration c:\inetpub\wwwroot\Final70SC\CMS\CMSModules\System\Files\System_FilesTest.aspx.cs Ukazat třeba na Amazonu

6 HTTP basic authentication
Support in HTTP protocol HTTP response 401 User name and password encoded in Base64 Not safe without SSL (HTTPS) GET HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 … Accept: text/html,application/xhtml+xml,application … Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Authorization: Basic dXNlcjpwYXNzd29yZA== Fiddler + localhost/Final7.0/rest

7 ASP.NET Forms authentication
Built in ASP.NET Uses forms and HTTP POST Cookie based Configurable through web.config Integrated with ASP.NET membership provider

8 OAuth - basics An authentication mechanism for web applications/web services Problem: 3rd applications built upon existing web services, for example social networks need access to your an user account. The user doesn‘t want to give them an user name and a password. Solution: The original web service can give them a temporary token for accessing the user account. OAuth RFC OAuth 2.0 – draft

9 (Original webservice)
OAuth – how it works ReverseTweet (3d party application) 5 1 2 3 Twitter (Original webservice) User (Browser) 4 User sends request to 3rd party application 3rd party application requests access token User is redirected to original web service User authenticates by user name and password to original web service 3rd party application gets the access token

10 OAuth - demo ReverseTweet ReverseTweet -> Demo + kod + web twitteru

11 Homework File manipulation CMS.IO Create file Delete file

12 Q&A ?

13 Thank you http://www.kentico.com http://devnet.kentico.com

Download ppt "Dominik Pinter, dominikp@kentico.com CMS.IO, Authentication Dominik Pinter, dominikp@kentico.com."

Similar presentations

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
CIS 451: ASP Sessions and Applications Dr. Ralph D. Westfall January, 2009.

CIS 451: ASP Sessions and Applications Dr. Ralph D. Westfall January, 2009.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
Chapter 2: Application layer  2.1 Web and HTTP  2.2 FTP 2-1 Lecture 5 Application Layer.

Chapter 2: Application layer  2.1 Web and HTTP  2.2 FTP 2-1 Lecture 5 Application Layer.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.

OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
Ins and Outs of Authenticating Users Requests to IIS 6.0 and ASP.NET Chris Adams Program Manager IIS Product Unit Microsoft Corporation.

Ins and Outs of Authenticating Users Requests to IIS 6.0 and ASP.NET Chris Adams Program Manager IIS Product Unit Microsoft Corporation.
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control Maarten

OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control Maarten
Session 11: Security with ASP.NET

Session 11: Security with ASP.NET
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.

M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.
© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.

© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.
Python and REST Kevin Hibma. What is REST? Why REST? REST stands for Representational State Transfer. (It is sometimes spelled ReST.) It relies on a.

Python and REST Kevin Hibma. What is REST? Why REST? REST stands for Representational State Transfer. (It is sometimes spelled "ReST".) It relies on a.
FIspace SPT Seyhun Futaci. Technology behind FIspace Authentication and Authorization IDM service of Fispace provides SSO solution for web apps, mobile.

FIspace SPT Seyhun Futaci. Technology behind FIspace Authentication and Authorization IDM service of Fispace provides SSO solution for web apps, mobile.
1 Web services and security ---discuss different ways to enforce security Presenter: Han, Xue.

1 Web services and security ---discuss different ways to enforce security Presenter: Han, Xue.
Using the Bookshare API July 2010. Why do it? Developed in 2008, provides 3rd party developers access to Bookshare functionality in any application It.

Using the Bookshare API July Why do it? Developed in 2008, provides 3rd party developers access to Bookshare functionality in any application It.
Dr. Mustafa Cem Kasapbaşı Security in ASP.NET. Determining Security Requirements Restricted File Types.

Dr. Mustafa Cem Kasapbaşı Security in ASP.NET. Determining Security Requirements Restricted File Types.

Similar presentations

Ads by Google