PolicyKit Authentication Framework: From Authentication to Authorization
Mar 15,
2016
I started out working to prevent something that the manual pages said should already be impossible, and ended up exploring what was to me a whole new area of Linux security. Join me in my exploration. Don’t Let The Users Flip The Switch According to the manual pages for halt, poweroff, shutdown, and reboot, only […]
Output Caching and Authenticated Users
May 4,
2012
In a recent post, I looked at using a custom parameter with OutputCache to provide different versions of an ASP.NET MVC view to different clients (mobile/traditional devices, AJAX / no-AJAX clients). The one question left unaddressed, however, was: what if there are some circumstances where you don’t want to cache at all? Output caching means […]
Preventing Duplicate Logins in ASP.NET
Jul 11,
2011
ASP.NET provides a convenient and highly extensible authentication and authorization system that is shared by both ASP.NET MVC and ASP.NET Web Forms. I have cheerfully used it for years, without ever worrying about the fact that there is nothing in the system to prevent the same user from logging in multiple times. The other day, […]