pbdk
There are 2 repositories under pbdk topic.
kathleenwest/WebAPIBasicAuthenticationDemo
This project presents a Visual Studio solution including a simple demo ASP.Net Web API Basic Authentication Service Application and a “Tester” Client (Windows Form Application) that allows the user to test the Web API with CRUD operations (GET, POST, PUT, DELETE) that service design requires authentication (except the Get). In addition to demonstrating standard CRUD capabilities, the Web API service implements a .Net Memory Cache (MemoryCache) and custom username and password validator. Passwords are stored securely using Password-Based Key Derivation Function PBKD cryptology. The client “tester” windows form application is not intended as a UX/UI demo but used to test and verify that the backend authentication service allows the user to register with a username and password and verify the Web API CRUD functions based on basic authentication scheme. Lastly, the project is shown in the demo section with a video and screen captures. Note: Every Web API Authentication service should use secure transport. For brevity, this demo project does not implement or discuss the complicated detail nature of SSL/TLS.
kathleenwest/WCFAuthenticationDemo
This project presents a Visual Studio solution including a simple demo WCF Authentication Service Application and a “Tester” Client (Windows Form Application) that allows the user to test the user registration, login, logout, and service operations. In addition to demonstrating standard authentication capabilities, the WCF service implements a custom username and password validator pattern. Passwords are stored securely using Password-Based Key Derivation Function PBKD cryptology of which the implementation is discussed. A custom error handler ensures that exceptions are properly wrapped into WCF Faults and communicated to the client caller. Certificates are discussed along with how to implement a server certificate on a client machine for development testing of “integrity” and application trust. The project includes a demo certificate and script for generating self-signed dev certificates, which must be installed into the client certificate store for the client tester application to trust and access the demo service. The client “tester” windows form application is not intended as a UX/UI demo but used to test and verify that the backend authentication service registration, login, logout, service operations, and callbacks are working as expected and sending proper WCF fault messages. Lastly, the project is shown in the demo section with a video and screen captures.