Advertisement · 728 × 90

Posts by Marc Rufer

Exactly

1 month ago 0 0 1 0

It was just not necessary for our app. It was a blazor WASM where the backend was only used by the blazor WASM. No need for metadata to be exposed via swagger

1 month ago 0 0 1 0

No, in this scenario we didnt use ValidationAttribute.

We used swagger in dev, but without the need to get the FV restrictions.

1 month ago 0 0 1 0

@andrewlock.bsky.social no, I never used this library (yet) tbh. Last time we faced this challenge with a blazor app, we used FluentValidation (.WithMessage(GetLocalizedMessage<MyModel>("MustHaveCoordinateFormat")) or .Required(GetLocalizedMessage<MyModel>)

1 month ago 1 0 1 0
[HOWTO] Delete users created by bots in Azure AD B2C Multifactor authentication via SMS is vulnerable to bot attacks, potentially leading to high costs from automated account creations. To mitigate risks, it's recommended to disable SMS MFA, implement stronger bot protection, or disable sign-ups. If attacked, quickly identify and delete bot-created accounts using Azure portal and PowerShell scripts to manage user identities.

Blogged: [HOWTO] Delete users created by bots in Azure AD B2C

#azureadb2c #powershell #posh #msftgraph

2 months ago 0 0 0 0
[HOWTO] Implement Audit Logging in a .NET Core application using Entity Framework Core and Audit.NET This blog post outlines the implementation of audit logging using Audit.NET in .NET Core applications with Entity Framework Core. It discusses the purpose of audit logs, which enhance traceability and compliance, and details the setup process, including modifying the DbContext, creating tracking properties, and configuring audit data storage in a dedicated entity.

Blogged: [HOWTO] Implement Audit Logging in a .NET Core application using Entity Framework Core and Audit.NET

#dotnet #dotnetcore #efcore #auditdotnet #auditing #auditlog #audittrail #traceability

3 months ago 2 2 0 0
https://damienbod.com/2025/12/20/digital-authentication-and-identity-validation/

https://damienbod.com/2025/12/20/digital-authentication-and-identity-validation/

Blogged: Digital Authentication and Identity validation

damienbod.com/2025/12/20/d...

#oidc #identity #iam #swiyu #eid #oauth #dpop #openid #security #ecollecting #authentication #loa #loi #vc #oauth2 #swiss #ch #cybersecurity

3 months ago 5 2 0 0
[Headache Prevention] Workaround for the error “Could not authenticate user with requested resource” when accessing the Aspire dashboard Recently, I deployed a .NET Aspire solution to Azure Container Apps (via Azure Container registry). The Azure Container Apps resource is running within my personal Azure tenant. In my personal tenant, my user is assigned as Owner of the corresponding resource group and therefore also Owner (by inheritance) of the Container Apps Environment which resides within the same resource group. Furthermore, my user has Azure built-in role&hellip;

Blogged: [Headache Prevention] Workaround for the error "Could not authenticate user with requested resource" when accessing the Aspire dashboard

#azure #dotnet #aspire #dashboard

4 months ago 1 1 0 0
Preview
[HOWTO] Restore credentials of Work or School account(s) in Microsoft Authenticator App Switching Android smartphones complicates restoring Work or School account credentials, requiring re-signing into accounts and possibly resetting MFA.

Blogged: [HOWTO] Restore credentials of Work or School account(s) in Microsoft Authenticator App

#microsoft #authenticator #mfa #restore #workorschoolaccount

4 months ago 1 0 0 0
Advertisement
Post image Post image Post image

This week @damienbod.com and me attended the @owasp.org BeNeLux Days 2025 in Mechelen, Belgium 🇧🇪

There were some super interesting talks we were able to listen to and after the conference we enjoyed the Belgian beer culture 😉

Thanks to Sonar for the invitation!

#owasp #security #conference

4 months ago 2 1 0 0
Preview
Implement forgot your password using swiyu, ASP.NET Core Identity and Aspire This post show to implement a “Forgot your password” flow using the Swiss Digital identity and trust infrastructure, (swiyu) in an ASP.NET Core web application using ASP.NET Core Identi…

Blogged: Implement forgot your password using swiyu, ASP.NET Core Identity and Aspire

damienbod.com/2025/11/17/i...

#swiyu #aspire #aspnetcore #duende #identity #iam #eid #swiss #identity #dotnet

5 months ago 1 1 0 0
GitHub - secure-web-apps/EndToEndSecurityWeb: Secure Web application using ASP.NET Core, Angular, SonarQube and terraform. This repository hosts the source code for our .NET User Group Switzerland tou... Secure Web application using ASP.NET Core, Angular, SonarQube and terraform. This repository hosts the source code for our .NET User Group Switzerland tour. - secure-web-apps/EndToEndSecurityWeb

Production ready web application with full automation and recommended application security @rufer.be @renegadexx.bsky.social

github.com/secure-web-a...

#aspnetcore #aspire #sonarqube #sonar #github #angular #terraform #sast #authentication #entra #identity #dotnet #sast

5 months ago 3 1 0 0

Worth reading!

5 months ago 2 0 0 0
Preview
End-to-End Secure Web Development with .NET Aspire, JavaScript, E-ID, Wed, Oct 29, 2025, 6:00 PM | Meetup Hello Berner .NET friends The e-ID was approved by a narrow majority in the referendum. Let's take this opportunity to look at security and the integration of e-ID into ou

Join us tomorrow in Bern

www.meetup.com/net-user-gro...

End-to-End Secure Web Development with .NET Aspire, JavaScript, E-ID

Really looking for to this. @rufer.be @renegadexx.bsky.social

#swiyu #sonar #aspnetcore #aspire #dotnet #identity

5 months ago 2 1 0 0
Preview
Use swiyu, the Swiss E-ID to authenticate users with Duende and .NET Aspire This post shows how to authenticate users using Duende IdentityServer and ASP.NET Core Identity which verifies identities (verifiable digital credentials) using the Swiss Digital identity and trust…

Blogged: Use swiyu, the Swiss E-ID to authenticate users with Duende and .NET Aspire

damienbod.com/2025/10/27/u...

#swiyu #eid #identity #duende #aspnetcore #dotnet #aspire #openid #openidconnect #oauth #vdc #iam

5 months ago 3 2 0 0
Software Composition Analysis in SonarQube Advanced Security for SonarQube Cloud On the 15th of September, 2025, Sonar finally released the long-awaited Software Composition Analysis (SCA) to SonarQube Advanced Security for SonarQube Cloud! Software Composition Analysis (SCA) is an ideally automated process that analyzes software codebases to identify or detect embedded open-source software/components. The identified/detected dependencies form the basis for the following features that SCA tools typically offer. Detection of known security vulnerabilities based on data from&hellip;

Blogged: Software Composition Analysis in SonarQube Advanced Security for SonarQube Cloud

#sca #sonarqube #sonarqubecloud #security #sbom #licensecompliance

5 months ago 0 0 0 0
Advertisement
[HOWTO] Configure a custom domain and App Service Managed Certificate with Terraform Configuring a custom domain for an Azure App Service including a App Service Managed Certificate is the kind of task where I constantly have to look up the details. For this reason, and because a colleague asked me to blog about it, I decided to briefly document the process here.

Blogged: [HOWTO] Configure a custom domain and App Service Managed Certificate with Terraform

#azure #appservice #iac #terraform #customdomain #managedcertificate

5 months ago 0 0 0 0
[HOWTO] Enable and configure Defender for Storage at the storage account level by using Terraform The author aimed to enable Defender for Storage on a dedicated storage account using Terraform, updating the existing configuration. Although the Terraform apply succeeded, the feature was not enabled. After research, the issue was resolved by adjusting user roles, allowing a subsequent Terraform apply to produce the desired outcome.

Blogged: [HOWTO] Enable and configure Defender for Storage at the storage account level by using Terraform

#iac #terraform #azurestorage #defenderforstorage

5 months ago 2 1 0 0
Preview
End-to-End Secure Web Development with .NET Aspire, JavaScript, E-ID, Wed, Oct 29, 2025, 6:00 PM | Meetup Hello Berner .NET friends The e-ID was approved by a narrow majority in the referendum. Let's take this opportunity to look at security and the integration of e-ID into ou

Really looking forward to this event:

End-to-End Secure Web Development with .NET Aspire, JavaScript

Implementing Swiyu E-ID using Aspire

@rufer.be @renegadexx.bsky.social

www.meetup.com/net-user-gro...

#dotnet #aspire #js #webdev #eID #devops #devsecops #security #swiyu #swiss #identity

6 months ago 3 1 1 0
Preview
End-to-End Secure Web Development with .NET Aspire, JavaScript, E-ID, Wed, Oct 29, 2025, 6:00 PM | Meetup Hello Berner .NET friends The e-ID was approved by a narrow majority in the referendum. Let's take this opportunity to look at security and the integration of e-ID into ou

Really looking forward to talk about "End-to-End Secure Web Development with .NET Aspire, JavaScript, E-ID" together with my friend @damienbod.com

www.meetup.com/net-user-gro...

#dotnet #aspire #js #webdev #eID #devops #devsecops #security

6 months ago 4 1 0 0

Works as intended

7 months ago 1 0 0 0
Post image

.NET Day Switzerland 2025 was a blast!

In addition to inspiring sessions, there was the opportunity to meet old friends and make new ones!

Looking forward to the 2026 edition 🤗

Thanks to Manu, Fabian and Thomas for organizing this great community event!

#dotnetdayswitzerland #dotnet #community

7 months ago 6 1 0 0
Preview
Testing with 'dotnet test' - .NET Learn more about how 'dotnet test' works and its support for VSTest and Microsoft.Testing.Platform (MTP)

Is it a .NET 10 solution? If so, may some projects use VSTest while others use Microsoft.Testing.Platform.?!

learn.microsoft.com/en-us/dotnet...

8 months ago 0 0 1 0
Post image

First renewal ☑️🥳

#mvpbuzz

9 months ago 4 0 0 0

@sstranger.bsky.social thanks for reposting! Strange, that the link does not work for you as it works for me. Can you verify again?

9 months ago 0 0 0 0
Six interesting use cases for Azure DevOps MCP Server for the daily work of a developer While preparing my session for DWX 2025, in which I demonstrated a simple use case for Azure DevOps MCP Server (creating a user story from within the IDE), I came up with some other interesting use cases for the daily work of a developer. Now that I have tested them, I will outline the use cases I have discovered in this blog post.

Blogged: Six interesting use cases for Azure DevOps MCP Server for the daily work of a developer

#mcp #mcpserver #azuredevops #ado #githubcopilot

9 months ago 4 1 1 0
Advertisement
Post image

On my way to Mannheim 🚄 #DWX25 is calling!

See you there and for the German-speaking participants who are interested in GitHub Copilot, you may consider attending my session 😊

Looking forward to interesting sessions and chats

#DWX25 #github #githubcopilot #conference #leavingmycomfortzone

9 months ago 1 0 0 0
Preview
[HOWTO] Upload files to an Azure storage account using Terraform This blog post describes how to automate the upload of files to an Azure storage account using Terraform.

Blogged: [HOWTO] Upload files to an Azure storage account using Terraform

#iac #terraform #azurestorage

9 months ago 1 0 0 0

Thanks. Nice to hear that you came up with a similar pattern.
Azure App Configuration is helpful too to make things obvious. However, I think even with it it's important to avoid duplicates to avoid confusion

9 months ago 0 0 1 0
[Best Practice] Make Application Configuration of ASP.NET Core applications obvious In my work as a software developer, I have already been involved in numerous existing .NET software projects. Nearly all of these existing code bases had at least one thing in common: application configuration was not obvious. But why? Especially in the .NET ecosystem everything required to make it obvious is there. In this blog post I share my personal best practice to counteract this situation.

Blogged: [Best Practice] Make Application Configuration of ASP.NET Core applications obvious

#dotnet #aspnetcore #configuration #bestpractice

9 months ago 5 2 1 0