Kerberos is a network authentication protocol based on tickets. It is developed by Massachusetts Institute of Technology and used across different platforms. I have recently faced the need to use Kerberos on Windows and experienced some frustrations that I want to share in this post. Continue Reading…
ASP.NET Identity brings the authentication and authorization to a new level. Based on the OWIN middleware, one can plug & play different authentication and authorization providers, f.x. OAuth, OpenID, simple forms authentication. The beauty of the new identity model is that it provides a unified interface to work with. One can write her own log-in providers that still rely on the same unified interface.
Besides the typical scenarios where a user logs in with her username and password, or Twitter/Facebook/Google, or maybe a two factor log-in with SMS/e-mail confirmation, there is another interesting one. In some cases you would want to enable users to log in with simple forms authentication to access a basic area of functionality, f.x. just reading data. On the contrary you would want to protect other areas of the web site where the user can edit sensitive information, f.x. his password. In this case you may want to require that the user logs in again – either with the same provider or with another one.
To solve this issue I decided to write a simple extension for ASP.NET Identity, which I called Double confirm identity. It provides a set of utility methods you can use to achieve the described scenario.