In Part 1 of this article series, you created a set of Angular classes for users and user authentication/authorization. You used these classes to log in a user and to create a set of properties in a class to turn menus and buttons on and off. In this article, you learn to authenticate users against a Web API method. That method returns an authorization object with the same properties as the classes you created in Angular. You are also going to learn to secure your Web API methods using JSON Web Tokens (JWT). You use the [Authorize] attribute to secure your methods, and you learn to add security policies too.
In most business applications, you are going to want to disable, or make invisible, different features such as menu items, buttons and other UI items, based on who is logged in and what roles or permissions they have. Angular does not have anything built in to help you with this, so you must create it yourself. There are two different pieces to security you must worry about with Angular applications. First, you must develop the client-side security, which is the subject of this article. Second, you must secure your Web API calls, which will be the subject of another article.
Using PowerShell and the Windows Task Scheduler API to detect malicious login attempts on a remotely accessible SQL Server database
To understand RLS (Row-Level Security), let's first understand the different problems. Problem 1: Suppose you have a multi-tenant e-commerce website, different companies are registered on your website, and you have a single centralized database for all the clients.
An introduction to how these applications defend themselves against scanning techniques, and how they could have evolved from simple and naive forms to more sophisticated ones.
Learn how to inject your .NET Framework 4.5 application into an unmanaged C++ host application. Fast, secure, and without any extra tools or libraries.
Additional logging and data collection
Prevent brute-force login attacks on a remotely accessible SQL Server database using T-SQL
This article describes the security techniques required to create a secure offline password manager and how the Libsodium library has been used to achieve this. YAPM stores passwords with AES encryption and authenticates users with an Argon2 hash.
HTTP Series – Security
This article provides an overview of ASP.NET Core security features.
A discussion of security best practices for developers who are building cloud applications.