Today, it’s a common practice not to store passwords in plain text in your database. Hashing and salting are relatively simple techniques that help you protect the passwords of your users. But with all the privacy and security regulations, you’re responsible for giving your clients the best possible protection.
Today it is pretty standard to have sensitive data in your database, like telephone numbers, email addresses, sometimes credit card numbers or even social security numbers.
You can’t leave those in plain text in your database. You want them hidden/encrypted for every database user. Also, in case of a security breach during an attack, you want your data to be protected. You cannot let these values fall into the wrong hands. Luckily, Azure SQL has a nice feature called Always Encrypted. Let’s check it out!
Yeah I know, another AZ-204 Exam blog. My apologies. Some people say I apologise too much, so apologies for that also.
I think I mainly started this post for my own usage, but nevertheless, I hope these notes can also help other people.
In essence, it’s quite simple to host an App Service in Azure. When you want to host an App Service you have a big selection of options to choose from. But how do you know which App Service is best for your company to host your app, also from a cost perspective? Sometimes it can even be beneficial to let developers work on a legacy app in order to let it run on a different platform. Let’s check out why.
We are gonna create an actual Azure Active Directory B2C tenant with user flows for registering and sign in scenarios. After that, we create a web application that will be using it to authenticate users.
Picture a company that has a nice web application, but also has plans to create a Native Application for mobile devices. Unfortunately, creating a complete Native app will cost a lot of time and money to develop. If this is your situation, maybe transforming your web application into a Progressive Web App can help you.
The term “Progressive Web App” isn’t a formal or official name. It’s just a shorthand used initially by Google for the concept of creating a flexible, adaptable app using only web technologies.
The goal of Progressive Web Apps is to make the end-user feel as if they are working in a Native App, as we know it from mobile devices (Android and iOS).
Another big advantage of a Progressive Web App is the fact that any existing web application can easily become a Progressive Web App.
Most of the time when I need to use a self-signed certificate, I use OpenSSL. But I saw that you can easily create a self-signed certificate with Azure Key Vault.
In this blog post, I will use the Azure portal to create a simple self-signed certificate and make it available in your Azure App Service.
In my previous article, I explained that every company has to think about what they want to do with the old AngularJs application. For some companies, it’s better to completely rewrite the application, maybe not even in Angular anymore (if you have the resources for it). And for some companies, it’s better to create a hybrid situation/application in which you can let the AngularJs application co-exist with new Angular components. This can really help you to easily make the transition from AngularJs to Angular.
This blog post is the first part of a series of blogs that will help you to take a look at a hybrid AngularJs/Angular application. Let’s start by setting up an environment for our migration.
AngularJs became very popular because of a set of features that really helped programmers construct stable, scalable and robust web applications. AngularJs reached the top segment of the market and was, compared to ReactJs and EmberJs, also a good choice to build your product with.
But all good things come to an end.
These past few weeks I have worked on the implementation of OpenID within a Hybrid AngularJs / Angular application. For this implementation, I used the Angular OpenID client from Manfred Steyer. This client is OpenID certified and makes it easy to connect your Identity Provider (IdP). It supports implicit flow and PKCE code flow. There is also good documentation and examples so I am not gonna show you the code because it’s pretty clear in the documentation.
But what I do want to tell you is that by using implicit flow you are vulnerable to a couple of security issues.