Skip to main content

Posts

Showing posts from 2018

Bit on certificates

In continuation to my previous blog, here I'm writing something more on SSL. As we learnt that, one of the key components of SSL protocol is certificates. Certification is nothing but just a set of files which contains information like: Owner of the certificate Issuer of the certificate Validity of the certificate, etc.  Below is the sample certificate: Before moving ahead, let’s have a look at the primary elements of certificates:  Public Key:   This file with extension as .crt is installed on the server and is distributed freely to any client.  Private Key: This file with extension .key is installed on the server and kept secret and secure. The file of SSL certificate contains information for encrypting data, it does not expire or have any details regarding organization or domain name.  Signing Request:   This file with extension .csr is sent to certificate authority by an applicant while applying for

Is SSL and TLS same or different?

Yes, many people are using these terms interchangeably. But in today’s time, right term would be TLS. Well, understand what is this TLS and why do we really need it? Most of us are already aware that HTTP is a plain text protocol which doesn’t have its own transport security mechanisms. In other words, HTTP is a protocol which sends data to a server and gets a response without any built-in feature or mechanism to protect data packet against tampering. To protect our packet which is travelling through HTTP, some sort of secure tunneling is required and that secure tunneling is provided by a protocol called TLS a.k.a. SSL. Here HTTP and TLS comes together. Usually people associate SSL/TLS with encryption, but that is not the only feature SSL provides. There are few more features as: Server Authentication – It makes sure that communication with the right server is made Veracity Protection – It promotes integrity and makes sure that none in between is reading our dat

Microsoft announced ASP.NET Core 2.2

In yesterday’s .Net conference, Microsoft announced ASP.NET Core 2.2 as part of .Net Core 2.2 Preview 2 SDK and Visual Studio 2017 15.9 Preview 2. List of new features looks very interesting. Let's have a gist of those: Template updates: This release includes Bootstrap 4 support in ASP.NET Core Web Project templates as well as in scaffold and is the default version for UI, which gives completely new look. Supports Angular 6 for SPA based templates. Web API related changes are the major improvements in this release and contributes towards much easier and much better  Web APIs. HTTP/2 support is added for Kestral. lIIS in-process hosting model is added for IIS for much better performance and reliability. Health checks framework is integrated now to monitor health of APIs and apps.Using this we can make sure that our apps and APIs are live and ready for traffic prone situations. New routing system Endpoint routing was brought in, which takes

Web API Resource URI construction Practices

Main focus of this article would be on how to make Web API more understandable to the consumers from Resource URI construction point. In Web API, each resource will have unique identifier. So, one should be very careful while constructing these URIs. Here are the few very good practices one should go for: URI should belong to NOUN rather than ACTIONS. URI example Is preferred? Remarks api/getemployees × api/employees √ Using GET api/id/employees × api/employees/{id} √ Fetch employee with a given ID using GET api/xyz/xyz/employees × api/employees √ api/employees/orderby/name × api/employees?orderby=name √ Filter criteria Should Nouns be Pluralize or not? It is up to you whether you want to go for pluralize nouns or not. But whatever decision you are making it should be consistent throughout the controller

Generating documentation for Web API 2.0

In my previous article, we got the gist of Web API but we didn’t do anything on documentation part. So, in this article we will cover the documentation of our Wep API which will help the users using Swagger. What is Swagger? Swagger is a standard which is used to define the API, so that endpoints can be found and discovered easily with the help of small documentation along with the user interface. If it is clear that what API is doing, one can easily consume these APIs. It is similar to WSDL for Web Services. How to get Swagger? Swagger is an open source library with a name SwashBuckle and can be taken by any means of importing packages. Let’s have a look on how to get it from Nuget: What code changes are required? First of all, we have to go and register the service for swagger as: public void ConfigureServices(IServiceCollection services) { services.AddMvc(); services.AddSwaggerGen(options=> { options.SwaggerDoc( "Version 1" , new Sw

CRUD operations using ASP.NET Core 2.0 and In-memory database with Entity Framework

In this article, we will create a Web API with in-memory database using Entity Framework and ASP.NET Core 2.0 without any theoretical explanation. To know more on concepts and theory, my previous articles can be referred. Let’s quickly create a new ASP.NET Core application by choosing API template and name it as ConferencePlanner. Add a new Model entity named Workshop inside a newly add Models folder as shown below: public class Workshop {     public int Id { get ; set ; }     public string Name { get ; set ; }     public string Speaker { get ; set ; } } Here we are going to use in-memory class along with EF. So, we have to add a new class for setting up the database context as shown below: public class ApplicationDbContext :DbContext {     public ApplicationDbContext(DbContextOptions<ApplicationDbContext> context): base (context)     {     } } Now we have to maintain multiple workshops under a conference. So, g