For revocation ephemeral data protection providers


ASP.NET 5 Documentation, section 2.13. Security

for revocation.

Ephemeral data protection providers

There are scenarios where an application needs a throwaway IDataProtectionProvider. For example, the developer might just be experimenting in a one-off console application, or the application itself is transient (it’s scripted or a unit test project). To support these scenarios the package Microsoft.AspNet.DataProtection includes a type EphemeralDataProtectionProvider. This type provides a basic implementation of IDataProtectionProvider whose key repository is held solely in-memory and isn’t written out to any backing store.

Each instance of EphemeralDataProtectionProvider uses its own unique master key. Therefore, if an IDataProtector rooted at an EphemeralDataProtectionProvider generates a protected payload, that payload can only be unprotected by an equivalent IDataProtector (given the same purpose chain) rooted at the same EphemeralDataProtectionProvider instance.

The following sample demonstrates instantiating an EphemeralDataProtectionProvider and using it to protect and unprotect data.

    using System;
    using Microsoft.AspNet.DataProtection;

    public class Program
    {
        public static void Main(string[] args)
        {
            const string purpose = "Ephemeral.App.v1";

            // create an ephemeral provider and demonstrate that it can round-trip a payload
            var provider = new EphemeralDataProtectionProvider();
            var protector = provider.CreateProtector(purpose);
            Console.Write("Enter input: ");
            string input = Console.ReadLine();

            // protect the payload
            string protectedPayload = protector.Protect(input);
            Console.WriteLine($"Protect returned: {protectedPayload}");

            // unprotect the payload
            string unprotectedPayload = protector.Unprotect(protectedPayload);
            Console.WriteLine($"Unprotect returned: {unprotectedPayload}");

            // if I create a new ephemeral provider, it won't be able to unprotect existing
            // payloads, even if I specify the same purpose
            provider = new EphemeralDataProtectionProvider();
            protector = provider.CreateProtector(purpose);
            unprotectedPayload = protector.Unprotect(protectedPayload); // THROWS
        }
    }

    /*
     * SAMPLE OUTPUT
     *
     * Enter input: Hello!
     * Protect returned: CfDJ8AAAAAAAAAAAAAAAAAAAAA...uGoxWLjGKtm1SkNACQ
     * Unprotect returned: Hello!
     * << throws CryptographicException >>
     */

Compatibility

Sharing cookies between applications

Web sites commonly consist of many individual web applications, all working together harmoniously. If an application developer wants to provide a good single-sign-on experience, he’ll often need all of the different web applications within the site to share authentication tickets between each other.

To support this scenario, the data protection stack allows sharing Katana cookie authentication and ASP.NET 5 cookie authentication tickets.

Sharing authentication cookies between ASP.NET 5 applications. To share authentication cookies between two different ASP.NET 5 applications, configure each application that should share cookies as follows.
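Returning to the ephemeral provider section above (this is not the cookie-sharing configuration): the following is an added example, not code from the ASP.NET documentation, that checks which protectors count as "equivalent" for an ephemeral payload. The class name, purpose strings and payload text are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using Microsoft.AspNet.DataProtection;

// Added example: the class name and purpose strings are hypothetical.
public static class EphemeralIsolationDemo
{
    // Returns true if the protector accepts the payload, false if Unprotect rejects it.
    private static bool CanUnprotect(IDataProtector protector, string payload)
    {
        try
        {
            protector.Unprotect(payload);
            return true;
        }
        catch (CryptographicException)
        {
            return false;
        }
    }

    public static void Main()
    {
        // Two independent instances, each with its own in-memory master key.
        var providerA = new EphemeralDataProtectionProvider();
        var providerB = new EphemeralDataProtectionProvider();

        // Purpose chain "Tests.Tokens" -> "v1", rooted at providerA.
        IDataProtector writer = providerA.CreateProtector("Tests.Tokens").CreateProtector("v1");
        string payload = writer.Protect("constructed sample payload");

        // A separately created protector with the same chain on the same instance.
        IDataProtector sameChain = providerA.CreateProtector("Tests.Tokens").CreateProtector("v1");
        // Same instance, but the chain differs in its last element.
        IDataProtector otherChain = providerA.CreateProtector("Tests.Tokens").CreateProtector("v2");
        // Same instance, but only the first element of the chain.
        IDataProtector parentOnly = providerA.CreateProtector("Tests.Tokens");
        // Same chain, but rooted at a different provider instance.
        IDataProtector otherInstance = providerB.CreateProtector("Tests.Tokens").CreateProtector("v1");

        Console.WriteLine($"same instance, same chain:      {CanUnprotect(sameChain, payload)}");
        Console.WriteLine($"same instance, different chain: {CanUnprotect(otherChain, payload)}");
        Console.WriteLine($"same instance, partial chain:   {CanUnprotect(parentOnly, payload)}");
        Console.WriteLine($"different instance, same chain: {CanUnprotect(otherInstance, payload)}");
    }
}
```

Only the first check is accepted. In a unit test project this means a payload must be protected and unprotected through the same provider instance, and a fixture that creates a new provider for each test cannot reuse payloads from an earlier test.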

Term
Summer
Professor
LingKig
Tags
NET Framework, web app, DNX