Tag

authentication

ASP.NET Core, C#, WebApi

Securing ASP.NET Core WebApi with an API Key

I read the article from Aram Tchekrekjian, in which he goes to great lengths about techniques to secure a Web API, that is, using a Middleware and using an attribute that uses the IAsyncActionFilter. I would like to add another technique to this list, also using an attribute, but one that uses the IAsyncAuthorizationFilter instead. This filter is called earlier in the chain of filters and can stop a bad request using an invalid API Key early. To learn more about filters, check out the documentation. I will use the starter ASP.NET Core 3 API template that comes with dotnet. You can create it through Visual Studio or using the command line dotnet new webapi <ProjectName>. In my scenario, I will use a combination…

Kubernetes

Configuring X509 and Azure AD authentication in the Kubernetes cluster

I am continuing my quest to configure my homelab’s Kubernetes cluster. As of now I’ve done: setting up the cluster using vSphere/vCenter, and configuring HAProxy as the load balancer for the masters. Today, I want to configure authentication so that I can log in to the cluster from my computer and not from one of the masters directly. There are plenty of authentication mechanisms in Kubernetes, but I want to focus on 2 techniques that are discussed in the documentation: x509 client certificates and OpenId Connect. For the OpenId Connect provider, I will use Azure Active Directory.

Authentication using X509 client certificates

The documentation describes pretty well how to create a certificate for a normal user. First, I need to generate a private/public…
