Half a years worth of pull requests with great features have finally been baked into an official release of Kentor.AuthServices which is now available on Nuget. The most important fixes are improved active/passive handling for the Owin middleware and full support for SHA256/384/512 as it is time to leave SHA1.
First of all I would like thank all contributors and users that have had to wait for this while I’ve been on parental leave. A special thanks to Explunit who has made a lot of valuable contributions as well as reviewing pull requests and taken part in design discussions.
The public API of AuthServices is getting more and more stable, but nevertheless there are some breaking changes.
The Owin Middleware is now once again Passive by default
The Owin Middleware will act as Active during Logout, even if it is configured as passive. This can be disabled with the StrictOwinAuthenticationMode compatibility setting.
On .NET 4.6.2 and later AuthServices now by default generates SHA256-based signatures and only accepts SHA256 or stronger signatures.
The “clever” ReturnUrl expansion has been removed as it proved to create more problems than it solved.
I live in Sweden and one of the great things with that is that as a dad you can get months off for being with your kids while they are small. My youngest turned one in the end of May and a few days later I did my last day at the office for 2016. Since then I’ve been spending my days at home, seeing him learning new things every day. But now that period of my life is over and I’m back to work and he’s started at daycare.
As a dad, saying good bye to him and leaving him is of course hard. He on the other hand couldn’t care less. He’s at a new exciting place with a lot of new interesting things to explore.
I have interesting things to explore too. The world of software development moves fast and 6 months absence from active work means things have changed. .NET Core has been released and the tooling is quickly maturing. It’s time to look deeper into it and create an ASP.NET Core version Kentor.AuthServices to bring SAML2 to ASP.NET Core. But first there’s the SweTugg conference where I’ll do two talks. The first is a new one about real life TDD experiences with live coding real features in real projects. The second is an overview of security in ASP.NET Core.
Then there’s a ton of e-mails that I’ve not answered to in a timely manner. I’ll go through them but answering all of them will take time. There’s also a queue of Pull Requests in AuthServices that need to be handled. First in line are of course those from paying customers with valid support agreements. The rest will be reviewed when I have time.
Last, but not least this also means I’m available for consulting again, so if you need some services within my areas of expertise, please get in touch.
I’m not only a computer geek, I also spend considerable time renovating our home. Doing things yourself means there’s plenty of opportunities to make geek-friendly adaptions, such as preparing for a good home network.
Renovating a house is a major strain for the family economy, so keeping an eye on the cost has been a priority. I’m also a bit reluctant to invest too much in today’s state of the art technology, only to find out I need something else in just a few years. Considering that we’ve had the house for nearly 10 years things have indeed changed. Back then wired networking for computers was the main concern – now it is proper wifi coverage for all the phones and tablets that didn’t even exist back then.
My take on a future proof investment is to install a lot of empty cable hose. Then I’ve pulled CAT-5e cables to those places where I actually need it. Everything converges in the cupboard under the stairs (no, it’s not used as someone’s bedroom) where I have a small 19″ rack. In the rack, I have my home server (more about it below) and the central switch. The white box on the wall above the patch panel is the incoming fiber.
TL;DR A component licensed under LGPL can be used by closed source, proprietary software, both internally used and distributed, for free, with no effects on the software using the component. LGPL is not “contagious” in the same way as GPL, so it only affects the component under LGPL. As long as you’re only using official distributions of the component, it is free to use and free to redistribute. The only requirement is that you include a notice in your “about” page or similar that the component is used.
I often get questions about the LGPL license used for Kentor.AuthServices. I also often find it confused with GPL, which is something you should never, ever even consider to use in any closed source software that you intend to distribute. So this post is an effort to explain and answer common questions about the LGPL. Unfortunately I have to add the disclaimer: I’m not a lawyer and the content of this post is only meant as an overview and introduction to the license. I might have got things wrong, so please read the real license yourself and involve appropriate legal counsel to be sure.
I’m grateful, humbled and proud to receive the Microsoft MVP Award.
Ever since I first heard of the MVP program nearly 15 years ago I’ve had a great respect for those receiving the award. The MVPs I’ve met and got to know have all possessed that rare combination of deep technical knowledge and the social skills needed to communicated them. I’ve read blog posts, attended talks, watched videos, used open source and read open source by MVPs and learnt so much from them. And now I’m also an MVP. As much as I’m grateful and proud I’m also humbled (and a bit horrified) about being invited to be one of them.
Thanks for giving me the chance, now it’s up to me to prove that I’m worthy of a renewal next year.