O'Reilly logo

Building Microservices with ASP.NET Core by Kevin Hoffman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 10. Securing Applications and Microservices

Developers’ perception of security concerns can range from true love to pure evil. In some organizations, security is a checklist that happens after an application has been developed, and in others it is such a burden that it often doesn’t get done properly or is simply skipped altogether.

When building applications for the cloud—applications built around the assumption that they might not run on infrastructure you own—security cannot be an afterthought or some mindless checkbox on a to-do list. Security must be a first-class citizen in all development efforts for user-facing applications and services alike.

In this chapter we’ll discuss security topics as they relate to cloud-native applications and develop samples that illustrate some ways we can secure our ASP.NET Core web applications and microservices.

Security in the Cloud

Securing applications that run at scale in the cloud is not as straightforward as it is when you deploy applications to a local data center where you have full control over the operating system and the installation environment.

In this section, we’ll cover some of the main issues that developers often run into when trying to adapt their existing ASP.NET skills or legacy codebases to running securely in the cloud. Some of these problems might be obvious (like the lack of Windows authentication), whereas others are more subtle.

Intranet Applications

Intranet  applications are everywhere and are often ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required