Tag: Fluent Security


Recap my online year 2012

The year 2012 was for me a year that went way to fast. In the year 2012 I learned a lot new stuff, wrote several blog posts and read lots of blog posts and articles. First of all I want you to give a list of all blog posts I wrote this year. You can find the complete list here http://marcofranssen.nl/2012/ and here http://marcofranssen.nl/2012/page/2/. JavaScript http://marcofranssen.nl/writing-modular-javascript-without-polluting-the-global-namespace/ http://marcofranssen.nl/knockout-js-mappings/ Windows 8 http://marcofranssen.nl/install-windows-8-consumer-preview-on-vhd/ http://marcofranssen.nl/install-windows-8-from-rusty-256-mb-usb-stick/ Windows Phone http://marcofranssen.nl/minesweeper-7/ http://marcofranssen.nl/shortify-for-windows-phone-7/ http://marcofranssen.nl/sokoban-7/ http://marcofranssen.nl/windows-phone-theme-colors/ ASP.NET MVC http://marcofranssen.nl/secure-your-web-app-fluently/ .NET C#  http://marcofranssen.nl/delegate-your-equality-comparisons/ Powershell http://marcofranssen.nl/unblock-downloaded-files-with-powershell/ I even wrote a non-technical article http://marcofranssen.nl/pitching-equals-invisible-convincing/ Second I want to share my starred articles from my reading archive. I used pocket to bookmark, read and archive my articles, which enables me now to share all starred articles with you.


Secure your web app fluently

When building a big web application with ASP.NET MVC 3 I ran into a problem to secure my web application in a maintainable way. There are lots of examples with attributes, but this isn’t maintainable. So I started searching for other solutions, however most of the information is leaning on those un-maintainable attributes I finally found “Fluent Security“. What does Fluent Security offer you? Fluent Security provides a fluent interface for configuring security in ASP.NET MVC. No attributes or nasty xml, just pure love. Go get it on NuGet! What does that mean? Well it simply means you can bootstrap your security just from your Application_Start() and maintain it on a single place. Besides that you can easily unit test your security setup. So you can test if your security configuration matches the security setup you described in your unit tests. This is a huge advantage because you know for sure the controller actions are secured the way you like it without having the need to click through your complete web application. You can only fail when not defining your tests correctly. That’s not all… You can easily extend, modify etc. by adding your own implementations of the interfaces. Let me start to show you some code so you see for yourself how easy it is! My example is based on a default MVC 3 application and I have added a CategoryController like below to have some extra actions for my example.