Talks

I enjoy sharing knowledge not only on my blog, but also through talks and training sessions. If you are interested in me doing a talk at your organisation, please get in touch. All talks are available in Swedish and English.

TDD from the Trenches

As developers we know that TDD is good and something we should do – just like when the dentist reminds us to floss the teeth daily (I only do it the week before and after the visit to the dentist).
The concept is more than 15 years old, but still TDD isn’t a mainstream practice. It’s obviously hard to get started and keeping up with TDD. Doing TDD in a tutorial is one thing, but when faced with a real task, things get complicated. Real tasks in real applications bring a level of complexity that often makes it hard to apply TDD, or figure out where to start. But it is possible, which is proven by the existence of projects that have been developed with TDD.
This is a hands on session that uses TDD to implement features in real world open source projects. The advantages of TDD are shown as well as some drawbacks and ways to avoid them.

Previous Presentations

Length: 50 minutes.

ASP.NET Core Authentication Deep Dive

ASP.NET Core has a new security model with a highly extendable authentication pipeline, powerful authorization and more. Using the OWASP Top 10 list as a checklist Anders goes through the ASP.NET Core Security features and shows the protections in the framework against those threats.

Authentication gets a closer look as federated single sign on is expected by more and more users and customers. The middleware structure in the framework is described, as well as how IdentityServer4 can be used for modern web single page applications calling backend services.

Previous Presentations

Length: 40-50 minutes.

A Guided Tour of ASP.NET Core Security

ASP.NET Core is a fresh start. There is a new security model with a highly extendable authentication pipeline. Authorization is also flexible with policy-based security that can easily be extended. Data Protection can be used to securely store sensitive values in cookies or form fields. There is also utilities that help mitigate common attack vectors such as cross site request forgery and cross site scripting.

For modern web applications with more advanced authentication requirements IdentityServer4 can be embedded in an ASP.NET Core application to issue tokens. Those can then be used as bearer tokens when accessing REST APIs.

This overview explains what is available and shows hands on how applications are configured to use the available features.

Previous Presentations

Length: 40-50 minutes.

Authentication and Authorization in Modern Web Applications

A modern Java-script-based client running in the untrusted web browser of the user needs secure access to a backend REST-API. Users of course require single sign on and in enterprise scenarios consolidated user management is a must. Building a secure system for login and access control that handles these scenarios has become more complex than ever.

But there is no need to build anything of this anymore, because it’s available as standard components building on standard interoperable protocols such as OAuth2 and OpenID Connect. A single page application can login to external providers such as Azure Active Directory through JavaScript libraries. An ASP.NET Core Web API backend can be protected through middleware and the improved authorization mechanisms in ASP.NET Core.

Previous Presentations

Length: 60 minutes.

  • TechDays 2016, Stockholm

Strangling the Legacy Out of an Application

A ten year old system with a basic architecture from a distant past (.NET 1.0? VB6?). New functionality built throughout the years with the then state of the art technology. On top of that some cosmetics to make the web interface look modern, but in reality the application is rotten on the inside and about to fall apart any day. That’s a common work environment for many developers.

But there is a way to get out of it without funding for a complete rewrite. Anders shares his experiences on strangling, a method where a new architecture is built in and around the existing code based, gradually replacing the old rotten code with a shiny new architecture.

Previous Presentations

Length: 50-60 minutes.

  • SweTugg Stockholm, 2016
  • NDC Oslo 2014
  • Internal talks at Kentor on multiple occasions

The Security Issues that Should Keep you Awake at Night

All software that we deliver is expected to be secure by our customers. But is it really secure? In many cases there is not even protection against the most basic vulnerabilities and attackes. In this hands on, live hacking talk, I show how to use well known attacks to extract credentials from one site. Those are used to attack another site, to ultimately reach my goal: Ordering lots of chocolate on someone else’s expense.

Previous Presentations

Length: 20 minutes, can be extended on request.

  • Internal Kentor Conference, 2016

An Introduction to Kentor.AuthServices SAML2 for .NET

This lightning talk introduces the Kentor.AuthServices SAML2 SP for .NET. It explains how authentication works in .NET and why a proper .NET solution is preferable to a product that acts as a separate proxy.

Previous Presentations

Length: 10 minutes, can be extended on request.

Git Started & 7 Steps to Git Wizardry

This two-part talk introduces git to developers that are used to other version control systems and continues with showing 7 Simple Tricks to Become a Git Wizard. The talk contains some powerpoint overview, but is mostly hands on demonstration with git, git extensions, GitHub and some Azure.

Previous Presentations

Length: 60 minutes for the 7 Simple Tricks to Become a Git Wizard only, 2×45 minutes for both parts.

How to Trick all the Developers in the World into Helping

This is an introductory talk on Stack Overflow from a gamification angle. It describes how gamification is used throughout Stack Overflow to build the biggest and most successful programming community ever. With constant adjustments to the model, the site has been able to sustain it growths past the critical first years.

Previous Presentations

Length: 40 minutes.

  • Sundsvall 42, 2015

Owin Authentication and ASP.NET Identity

This talk introduces and explains the Owin concept and how authentication is handled through middleware. It then goes deep into the authentication pipeline by debugging an authentication flow to discover the different steps involved.

Previous Presentations

Length: 2×45 minutes

  • SweNug Gothenburg, 2015
  • SweNug Stockholm, 2015

Version Control of Databases

By now, all teams use source control for program code. But what about databases? It is often not versioned properly. In this talk Anders introduces two tools for version control of database. Sql Server Data Tools uses a database centric approach where the database schema is checked in to source control. Entity Framework Migrations uses a code centric approach and creates migrations to keep the database schema updated.

Previous Presentations

Length: 2×45 minutes

  • SweNug Gothenborg, 2014
  • SweNug Stockholm, 2014

Using the Scrum Rules Against your Boss

Managers think that Scrum is invented to make developers work harder. That’s a lie. Scrum was invented by developers to keep managers away so that developers get time to do actual work.
Learn how the Scrum rules can be used against your boss to get a realistic workload and more coding time without interruptions.

Previous Presentations

Length: 45 minutes

Scrum for Project Managers

An introductory talk to Scrum, aimed at classical project managers. A project manager that is to start with scrum often takes the title of Scrum Master. Nothing can be more wrong if you really want the project to get the advantages of Scrum. This talk discusses how Scrum is different, not just by names, but with a different view on development and the development team.

Previous Presentations

Length: 45 minutes

  • Internal talk at Kentor, 2013
Software Development is a Job – Coding is a Passion

I'm Anders Abel, a systems architect and developer working for Kentor in Stockholm, Sweden.

profile for Anders Abel at Stack Overflow, Q&A for professional and enthusiast programmers

Code for most posts is available on my GitHub account.

Popular Posts

Archives

Series

Powered by WordPress with the Passion for Coding theme.