From 67e54349c839d9a1ccb5133f5897809090fc2f67 Mon Sep 17 00:00:00 2001 From: Rick Anderson Date: Wed, 4 Apr 2018 14:49:14 -1000 Subject: [PATCH] Revert "CI Update (#5878)" This reverts commit 1832723bd1557feb789e7a96ef80d7c4a2a9436b. --- .../automate-everything.md | 8 +- ...ous-integration-and-continuous-delivery.md | 6 +- .../data-partitioning-strategies.md | 6 +- .../data-storage-options.md | 6 +- .../design-to-survive-failures.md | 6 +- .../distributed-caching.md | 6 +- .../introduction.md | 4 +- .../monitoring-and-telemetry.md | 6 +- .../more-patterns-and-guidance.md | 6 +- .../queue-centric-work-pattern.md | 6 +- .../single-sign-on.md | 6 +- .../source-control.md | 6 +- .../the-fix-it-sample-application.md | 24 +- .../transient-fault-handling.md | 6 +- .../unstructured-blob-storage.md | 6 +- .../web-development-best-practices.md | 6 +- ...zure-websites-managing-change-and-scale.md | 20 +- .../an-overview-of-project-katana.md | 2 +- .../host-owin-in-an-azure-worker-role.md | 2 +- ...ddleware-in-the-iis-integrated-pipeline.md | 6 +- .../owin-oauth-20-authorization-server.md | 622 +++++++++--------- .../owin-startup-class-detection.md | 42 +- aspnet/docfx.json | 7 +- ...-mysql-aspnet-identity-storage-provider.md | 2 +- ...m-storage-providers-for-aspnet-identity.md | 30 +- ...-password-recovery-with-aspnet-identity.md | 4 +- ...sing-sms-and-email-with-aspnet-identity.md | 44 +- ...-an-empty-or-existing-web-forms-project.md | 6 +- .../aspnet-identity-recommended-resources.md | 2 +- ...-with-an-entityframework-mysql-provider.md | 30 +- ...pps-with-windows-azure-active-directory.md | 12 +- .../introduction-to-aspnet-identity.md | 20 +- ...-from-sql-membership-to-aspnet-identity.md | 16 +- ...ip-and-user-profiles-to-aspnet-identity.md | 10 +- aspnet/index.md | 14 +- aspnet/mobile/tested-devices.md | 534 +++++++-------- .../changing-the-database.md | 6 +- .../creating-the-web-application.md | 6 +- .../customizing-a-view.md | 6 +- .../enhancing-data-validation.md | 6 +- .../generating-views.md | 6 +- .../publish-to-azure.md | 4 +- .../setting-up-database.md | 4 +- ...rk-scenarios-for-an-mvc-web-application.md | 4 +- ...framework-in-an-asp-net-mvc-application.md | 20 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- ...ta-model-for-an-asp-net-mvc-application.md | 10 +- ...ta-model-for-an-asp-net-mvc-application.md | 42 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- ...ty-framework-in-asp-net-mvc-application.md | 32 +- ...framework-in-an-asp-net-mvc-application.md | 8 +- ...framework-in-an-asp-net-mvc-application.md | 36 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- ...sing-your-models-data-from-a-controller.md | 10 +- .../introduction/adding-a-controller.md | 8 +- .../introduction/adding-a-model.md | 8 +- .../introduction/adding-a-new-field.md | 16 +- .../introduction/adding-a-view.md | 8 +- .../introduction/adding-search.md | 8 +- .../introduction/adding-validation.md | 8 +- .../creating-a-connection-string.md | 8 +- ...xamining-the-details-and-delete-methods.md | 6 +- ...xamining-the-edit-methods-and-edit-view.md | 12 +- .../introduction/getting-started.md | 19 +- .../getting-started/introduction/index.md | 2 +- .../recommended-resources-for-mvc.md | 2 +- .../iteration-1-create-the-application-cs.md | 4 +- .../iteration-1-create-the-application-vb.md | 6 +- ...ion-2-make-the-application-look-nice-cs.md | 6 +- ...ion-2-make-the-application-look-nice-vb.md | 6 +- .../iteration-3-add-form-validation-cs.md | 6 +- .../iteration-3-add-form-validation-vb.md | 6 +- ...make-the-application-loosely-coupled-cs.md | 6 +- ...make-the-application-loosely-coupled-vb.md | 6 +- .../iteration-5-create-unit-tests-cs.md | 6 +- .../iteration-5-create-unit-tests-vb.md | 6 +- ...ration-6-use-test-driven-development-cs.md | 6 +- ...ration-6-use-test-driven-development-vb.md | 6 +- .../iteration-7-add-ajax-functionality-cs.md | 6 +- .../iteration-7-add-ajax-functionality-vb.md | 4 +- ...ing-dynamic-content-to-a-cached-page-cs.md | 6 +- ...ing-dynamic-content-to-a-cached-page-vb.md | 6 +- .../asp-net-mvc-controller-overview-vb.md | 10 +- .../asp-net-mvc-routing-overview-cs.md | 4 +- .../asp-net-mvc-routing-overview-vb.md | 6 +- .../aspnet-mvc-controllers-overview-cs.md | 6 +- .../creating-a-controller-cs.md | 10 +- .../creating-a-controller-vb.md | 10 +- .../creating-a-custom-route-constraint-cs.md | 6 +- .../creating-a-custom-route-constraint-vb.md | 4 +- .../creating-a-route-constraint-cs.md | 6 +- .../creating-a-route-constraint-vb.md | 6 +- .../creating-an-action-cs.md | 6 +- .../creating-an-action-vb.md | 6 +- .../creating-custom-routes-cs.md | 6 +- .../creating-custom-routes-vb.md | 6 +- ...ving-performance-with-output-caching-cs.md | 6 +- ...ving-performance-with-output-caching-vb.md | 6 +- .../understanding-action-filters-cs.md | 6 +- .../understanding-action-filters-vb.md | 6 +- ...t-mvc-with-different-versions-of-iis-cs.md | 4 +- ...t-mvc-with-different-versions-of-iis-vb.md | 4 +- .../getting-started-with-mvc-part1.md | 4 +- .../getting-started-with-mvc-part2.md | 6 +- .../getting-started-with-mvc-part3.md | 6 +- .../getting-started-with-mvc-part4.md | 6 +- .../getting-started-with-mvc-part5.md | 6 +- .../getting-started-with-mvc-part6.md | 6 +- .../getting-started-with-mvc-part7.md | 6 +- .../getting-started-with-mvc-part8.md | 4 +- ...ating-model-classes-with-linq-to-sql-cs.md | 6 +- ...ating-model-classes-with-linq-to-sql-vb.md | 11 +- ...el-classes-with-the-entity-framework-cs.md | 4 +- ...el-classes-with-the-entity-framework-vb.md | 6 +- .../displaying-a-table-of-database-data-cs.md | 6 +- .../displaying-a-table-of-database-data-vb.md | 6 +- .../performing-simple-validation-cs.md | 6 +- .../performing-simple-validation-vb.md | 6 +- .../validating-with-a-service-layer-cs.md | 6 +- .../validating-with-a-service-layer-vb.md | 6 +- ...ng-with-the-idataerrorinfo-interface-cs.md | 6 +- ...ng-with-the-idataerrorinfo-interface-vb.md | 6 +- ...-with-the-data-annotation-validators-cs.md | 6 +- ...-with-the-data-annotation-validators-vb.md | 4 +- ...ation-in-15-minutes-with-asp-net-mvc-cs.md | 4 +- ...ation-in-15-minutes-with-asp-net-mvc-vb.md | 4 +- ...-a-model-with-business-rule-validations.md | 6 +- .../nerddinner/create-a-database.md | 6 +- .../create-a-new-aspnet-mvc-project.md | 6 +- .../enable-automated-unit-testing.md | 6 +- .../implement-efficient-data-paging.md | 6 +- .../introducing-the-nerddinner-tutorial.md | 4 +- .../nerddinner/nerddinner-wrap-up.md | 4 +- ...d-update-delete-data-form-entry-support.md | 12 +- ...-use-ui-using-master-pages-and-partials.md | 6 +- ...-using-authentication-and-authorization.md | 6 +- .../use-ajax-to-deliver-dynamic-updates.md | 8 +- ...use-ajax-to-implement-mapping-scenarios.md | 6 +- ...-views-to-implement-a-listingdetails-ui.md | 8 +- ...iewdata-and-implement-viewmodel-classes.md | 6 +- ...ting-users-with-forms-authentication-cs.md | 4 +- ...ting-users-with-forms-authentication-vb.md | 10 +- ...ng-users-with-windows-authentication-cs.md | 6 +- ...ng-users-with-windows-authentication-vb.md | 6 +- ...venting-javascript-injection-attacks-cs.md | 8 +- ...venting-javascript-injection-attacks-vb.md | 6 +- ...t-tests-for-asp-net-mvc-applications-cs.md | 4 +- ...t-tests-for-asp-net-mvc-applications-vb.md | 4 +- .../views/asp-net-mvc-views-overview-cs.md | 4 +- .../views/asp-net-mvc-views-overview-vb.md | 6 +- .../views/creating-custom-html-helpers-cs.md | 6 +- .../views/creating-custom-html-helpers-vb.md | 6 +- ...-page-layouts-with-view-master-pages-cs.md | 6 +- ...-page-layouts-with-view-master-pages-vb.md | 6 +- .../passing-data-to-view-master-pages-cs.md | 6 +- .../passing-data-to-view-master-pages-vb.md | 4 +- ...gbuilder-class-to-build-html-helpers-cs.md | 6 +- ...gbuilder-class-to-build-html-helpers-vb.md | 6 +- .../aspnet-mvc-4-mobile-features.md | 4 +- ...n-with-razor-and-unobtrusive-javascript.md | 4 +- ...sing-your-models-data-from-a-controller.md | 284 ++++---- .../cs/adding-a-controller.md | 6 +- .../cs/adding-a-model.md | 6 +- .../cs/adding-a-new-field.md | 6 +- .../cs/adding-a-view.md | 6 +- .../cs/adding-validation-to-the-model.md | 6 +- ...xamining-the-edit-methods-and-edit-view.md | 6 +- ...mproving-the-details-and-delete-methods.md | 6 +- .../cs/intro-to-aspnet-mvc-3.md | 4 +- ...sing-your-models-data-from-a-controller.md | 6 +- .../vb/adding-a-controller.md | 6 +- .../vb/adding-a-model.md | 6 +- .../vb/adding-a-new-field.md | 8 +- .../vb/adding-a-view.md | 8 +- .../vb/adding-validation-to-the-model.md | 6 +- ...xamining-the-edit-methods-and-edit-view.md | 6 +- ...mproving-the-details-and-delete-methods.md | 6 +- .../vb/intro-to-aspnet-mvc-3.md | 4 +- ...sing-your-models-data-from-a-controller.md | 6 +- .../adding-a-controller.md | 6 +- .../adding-a-model.md | 6 +- ...-new-field-to-the-movie-model-and-table.md | 8 +- .../adding-a-view.md | 6 +- .../adding-validation-to-the-model.md | 6 +- ...xamining-the-details-and-delete-methods.md | 6 +- ...xamining-the-edit-methods-and-edit-view.md | 6 +- .../intro-to-aspnet-mvc-4.md | 4 +- ...rk-scenarios-for-an-mvc-web-application.md | 6 +- ...building-the-ef5-mvc4-chapter-downloads.md | 4 +- ...ta-model-for-an-asp-net-mvc-application.md | 10 +- ...ta-model-for-an-asp-net-mvc-application.md | 34 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- ...ty-framework-in-asp-net-mvc-application.md | 30 +- ...framework-in-an-asp-net-mvc-application.md | 8 +- ...-patterns-in-an-asp-net-mvc-application.md | 8 +- ...framework-in-an-asp-net-mvc-application.md | 8 +- ...framework-in-an-asp-net-mvc-application.md | 18 +- ...framework-in-an-asp-net-mvc-application.md | 6 +- .../aspnet-mvc-4-custom-action-filters.md | 54 +- .../aspnet-mvc-4-dependency-injection.md | 44 +- ...ty-framework-scaffolding-and-migrations.md | 34 +- .../aspnet-mvc-4-fundamentals.md | 294 ++++----- ...pnet-mvc-4-helpers-forms-and-validation.md | 110 ++-- .../aspnet-mvc-4-models-and-data-access.md | 157 ++--- .../whats-new-in-aspnet-mvc-4.md | 250 +++---- .../mvc-music-store/mvc-music-store-part-1.md | 4 +- .../mvc-music-store-part-10.md | 4 +- .../mvc-music-store/mvc-music-store-part-2.md | 6 +- .../mvc-music-store/mvc-music-store-part-3.md | 6 +- .../mvc-music-store/mvc-music-store-part-4.md | 6 +- .../mvc-music-store/mvc-music-store-part-5.md | 6 +- .../mvc-music-store/mvc-music-store-part-6.md | 6 +- .../mvc-music-store/mvc-music-store-part-7.md | 6 +- .../mvc-music-store/mvc-music-store-part-8.md | 6 +- .../mvc-music-store/mvc-music-store-part-9.md | 6 +- ...r-popup-calendar-with-aspnet-mvc-part-1.md | 4 +- ...r-popup-calendar-with-aspnet-mvc-part-2.md | 6 +- ...r-popup-calendar-with-aspnet-mvc-part-3.md | 6 +- ...r-popup-calendar-with-aspnet-mvc-part-4.md | 4 +- ...ory-to-the-dropdownlist-using-jquery-ui.md | 8 +- ...t-mvc-scaffolds-the-dropdownlist-helper.md | 6 +- ...the-dropdownlist-helper-with-aspnet-mvc.md | 4 +- .../performance/bundling-and-minification.md | 2 +- ...-debug-your-aspnet-mvc-app-with-glimpse.md | 2 +- ...ng-asynchronous-methods-in-aspnet-mvc-4.md | 12 +- ...i-project-to-aspnet-mvc-5-and-web-api-2.md | 10 +- ...sms-and-email-two-factor-authentication.md | 40 +- ...ok-and-google-oauth2-and-openid-sign-on.md | 10 +- .../preventing-open-redirection-attacks.md | 4 +- ...1-architectural-discussion-and-overview.md | 4 +- ...hopping-cart-refactor-and-authorization.md | 6 +- ...-the-shopping-cart-and-using-components.md | 6 +- .../aspnet-mvc-storefront-part-12-mocking.md | 6 +- ...storefront-part-13-dependency-injection.md | 6 +- ...refront-part-14-rich-client-interaction.md | 6 +- ...c-storefront-part-15-public-code-review.md | 6 +- ...ont-part-16-membership-redo-with-openid.md | 6 +- ...front-part-17-checkout-with-jeff-atwood.md | 6 +- ...orefront-part-18-creating-an-experience.md | 6 +- ...processing-orders-with-windows-workflow.md | 6 +- ...ront-part-19a-windows-workflow-followup.md | 6 +- ...torefront-part-2-the-repository-pattern.md | 6 +- .../aspnet-mvc-storefront-part-20-logging.md | 6 +- ...rt-21-order-manager-and-personalization.md | 6 +- ...t-22-restructuring-rerouting-and-paypal.md | 6 +- ...tting-started-with-domain-driven-design.md | 6 +- .../aspnet-mvc-storefront-part-24-finis.md | 4 +- ...mvc-storefront-part-3-pipes-and-filters.md | 6 +- ...mvc-storefront-part-4-linq-to-sql-spike.md | 6 +- ...net-mvc-storefront-part-5-globalization.md | 6 +- ...hing-the-repository-and-initial-ui-work.md | 6 +- ...c-storefront-part-7-routing-and-ui-work.md | 6 +- ...esting-controllers-iteration-1-complete.md | 6 +- ...mvc-storefront-part-9-the-shopping-cart.md | 6 +- .../aspnet-mvc-for-the-rest-of-us-part-1.md | 4 +- .../aspnet-mvc-for-the-rest-of-us-part-2.md | 6 +- .../aspnet-mvc-for-the-rest-of-us-part-3.md | 6 +- .../aspnet-mvc-for-the-rest-of-us-part-4.md | 4 +- .../5-minute-introduction-to-aspnet-mvc.md | 6 +- .../an-introduction-to-url-routing.md | 6 +- .../mvc-2/how-do-i/aspnet-mvc-2-areas.md | 6 +- .../how-do-i/aspnet-mvc-2-render-action.md | 6 +- .../aspnet-mvc-controller-overview.md | 6 +- ...0-minute-technical-video-for-developers.md | 6 +- ...plication-in-15-minutes-with-aspnet-mvc.md | 6 +- ...-a-tasklist-application-with-aspnet-mvc.md | 4 +- .../how-do-i/creating-custom-html-helpers.md | 6 +- ...creating-model-classes-with-linq-to-sql.md | 6 +- ...-unit-tests-for-aspnet-mvc-applications.md | 6 +- .../displaying-a-table-of-database-data.md | 6 +- ...stom-html-helper-for-an-mvc-application.md | 6 +- ...els-to-manage-data-for-aspnet-mvc-views.md | 6 +- ...x-call-in-an-aspnet-mvc-web-application.md | 6 +- ...pverbs-attributes-in-an-mvc-application.md | 6 +- ...k-with-data-in-aspnet-mvc-partial-views.md | 6 +- ...ith-model-binders-in-an-mvc-application.md | 6 +- .../how-do-i/how-to-best-learn-asp-net-mvc.md | 4 +- .../mvc-2/how-do-i/mvc2-html-encoding.md | 6 +- .../mvc-2/how-do-i/mvc2-model-validation.md | 6 +- .../how-do-i/mvc2-stronglytyped-helpers.md | 6 +- .../how-do-i/mvc2-template-customization.md | 6 +- ...preventing-javascript-injection-attacks.md | 6 +- ...s-controller-actions-and-action-results.md | 6 +- ...erstanding-models-views-and-controllers.md | 6 +- ...anding-views-view-data-and-html-helpers.md | 6 +- ...ideo-for-developers-building-nerddinner.md | 6 +- ...nute-overview-video-for-decision-makers.md | 6 +- ...art-1-intro-tools-and-project-structure.md | 4 +- .../mvc-music-store-part-2-controllers.md | 6 +- ...music-store-part-3-views-and-viewmodels.md | 4 +- .../introduction-to-signalr.md | 8 +- ...real-time-web-applications-with-signalr.md | 12 +- .../tutorial-server-broadcast-with-signalr.md | 2 +- .../introduction-to-security.md | 2 +- ...-getting-started-with-signalr-and-mvc-4.md | 16 +- ...al-server-broadcast-with-aspnet-signalr.md | 2 +- .../performance/scaleout-with-sql-server.md | 2 +- .../overview/security/hub-authorization.md | 2 +- .../security/introduction-to-security.md | 2 +- .../unit-testing-signalr-applications.md | 8 +- .../overview/introduction/other-libraries.md | 26 +- .../overview/templates/hottowel-template.md | 4 +- .../2012/windows-azure-authentication.md | 4 +- .../overview/2013/release-notes.md | 28 +- .../calling-a-web-api-from-a-net-client.md | 14 +- .../advanced/configuring-aspnet-web-api.md | 14 +- .../part-1.md | 4 +- .../part-10.md | 4 +- .../part-2.md | 6 +- .../part-3.md | 6 +- .../part-4.md | 6 +- .../part-5.md | 8 +- .../part-6.md | 6 +- .../part-7.md | 6 +- .../part-8.md | 6 +- .../part-9.md | 6 +- ...-aspnet-web-api-in-an-azure-worker-role.md | 2 +- ...-api-from-a-windows-phone-8-application.md | 111 ++-- .../odata-security-guidance.md | 4 +- .../odata-v3/creating-an-odata-endpoint.md | 2 +- .../build-restful-apis-with-aspnet-web-api.md | 94 ++- ...ng-web-api-with-entity-framework-part-1.md | 4 +- ...ng-web-api-with-entity-framework-part-2.md | 6 +- ...ng-web-api-with-entity-framework-part-3.md | 6 +- ...ng-web-api-with-entity-framework-part-4.md | 6 +- ...ng-web-api-with-entity-framework-part-5.md | 6 +- ...ng-web-api-with-entity-framework-part-6.md | 6 +- ...ng-web-api-with-entity-framework-part-7.md | 4 +- .../external-authentication-services.md | 22 +- ...ion-resiliency-and-command-interception.md | 20 +- .../databinding-to-an-accordion-cs.md | 4 +- .../databinding-to-an-accordion-vb.md | 6 +- ...dynamically-adding-an-accordion-pane-cs.md | 6 +- ...dynamically-adding-an-accordion-pane-vb.md | 4 +- .../adding-animation-to-a-control-cs.md | 4 +- .../adding-animation-to-a-control-vb.md | 6 +- .../animating-an-updatepanel-control-cs.md | 6 +- .../animating-an-updatepanel-control-vb.md | 6 +- ...ting-in-response-to-user-interaction-cs.md | 6 +- ...ting-in-response-to-user-interaction-vb.md | 6 +- .../animation-depending-on-a-condition-cs.md | 6 +- .../animation-depending-on-a-condition-vb.md | 6 +- ...-an-animation-using-client-side-code-cs.md | 6 +- ...-an-animation-using-client-side-code-vb.md | 6 +- .../disabling-actions-during-animation-cs.md | 6 +- .../disabling-actions-during-animation-vb.md | 6 +- ...y-controlling-updatepanel-animations-cs.md | 6 +- ...y-controlling-updatepanel-animations-vb.md | 4 +- ...ng-animations-using-client-side-code-cs.md | 6 +- ...ng-animations-using-client-side-code-vb.md | 6 +- ...-several-animations-after-each-other-cs.md | 6 +- ...-several-animations-after-each-other-vb.md | 6 +- ...-several-animations-at-the-same-time-cs.md | 6 +- ...-several-animations-at-the-same-time-vb.md | 6 +- ...ying-animations-from-the-server-side-cs.md | 6 +- ...ying-animations-from-the-server-side-vb.md | 6 +- .../picking-one-animation-out-of-a-list-cs.md | 6 +- .../picking-one-animation-out-of-a-list-vb.md | 6 +- ...ring-an-animation-in-another-control-cs.md | 6 +- ...ring-an-animation-in-another-control-vb.md | 6 +- ...lling-a-list-using-cascadingdropdown-cs.md | 4 +- ...lling-a-list-using-cascadingdropdown-vb.md | 6 +- ...-list-entries-with-cascadingdropdown-cs.md | 6 +- ...-list-entries-with-cascadingdropdown-vb.md | 6 +- ...auto-postback-with-cascadingdropdown-cs.md | 6 +- ...auto-postback-with-cascadingdropdown-vb.md | 4 +- ...ng-cascadingdropdown-with-a-database-cs.md | 6 +- ...ng-cascadingdropdown-with-a-database-vb.md | 6 +- ...nd-expanding-a-panel-from-javascript-cs.md | 4 +- ...nd-expanding-a-panel-from-javascript-vb.md | 4 +- ...ing-the-colorpicker-control-extender-cs.md | 4 +- ...ing-the-colorpicker-control-extender-vb.md | 4 +- .../how-do-i-use-the-combobox-control-cs.md | 4 +- .../how-do-i-use-the-combobox-control-vb.md | 4 +- .../using-a-confirmbutton-in-a-repeater-cs.md | 4 +- .../using-a-confirmbutton-in-a-repeater-vb.md | 4 +- ...djusting-the-z-index-of-a-dropshadow-cs.md | 4 +- ...djusting-the-z-index-of-a-dropshadow-vb.md | 6 +- ...opshadow-properties-from-client-code-cs.md | 6 +- ...opshadow-properties-from-client-code-vb.md | 4 +- .../dynamically-populating-a-control-cs.md | 4 +- ...ting-a-control-using-javascript-code-cs.md | 6 +- ...ting-a-control-using-javascript-code-vb.md | 6 +- .../dynamically-populating-a-control-vb.md | 6 +- ...e-with-a-user-control-and-javascript-cs.md | 6 +- ...e-with-a-user-control-and-javascript-vb.md | 4 +- ...nly-certain-characters-in-a-text-box-cs.md | 4 +- ...nly-certain-characters-in-a-text-box-vb.md | 4 +- ...jax-control-toolkit-control-extender-cs.md | 8 +- ...jax-control-toolkit-control-extender-vb.md | 6 +- ...tarted-with-the-ajax-control-toolkit-cs.md | 4 +- ...tarted-with-the-ajax-control-toolkit-vb.md | 6 +- ...olkit-controls-and-control-extenders-cs.md | 6 +- ...olkit-controls-and-control-extenders-vb.md | 6 +- ...ng-hovermenu-with-a-repeater-control-cs.md | 4 +- ...ng-hovermenu-with-a-repeater-control-vb.md | 4 +- ...how-do-i-use-the-html-editor-control-cs.md | 4 +- ...how-do-i-use-the-html-editor-control-vb.md | 4 +- ...handling-postbacks-from-a-modalpopup-cs.md | 6 +- ...handling-postbacks-from-a-modalpopup-vb.md | 6 +- ...-modal-popup-window-from-server-code-cs.md | 4 +- ...-modal-popup-window-from-server-code-vb.md | 6 +- .../modalpopup/positioning-a-modalpopup-cs.md | 6 +- .../modalpopup/positioning-a-modalpopup-vb.md | 4 +- ...g-modalpopup-with-a-repeater-control-cs.md | 6 +- ...g-modalpopup-with-a-repeater-control-vb.md | 6 +- ...eating-mutually-exclusive-checkboxes-cs.md | 4 +- ...eating-mutually-exclusive-checkboxes-vb.md | 4 +- .../nobot/fighting-bots-cs.md | 4 +- .../nobot/fighting-bots-vb.md | 4 +- ...n-control-with-a-web-service-backend-cs.md | 4 +- ...n-control-with-a-web-service-backend-vb.md | 4 +- .../testing-the-strength-of-a-password-cs.md | 4 +- .../testing-the-strength-of-a-password-vb.md | 4 +- ...-a-popup-control-with-an-updatepanel-cs.md | 6 +- ...-a-popup-control-with-an-updatepanel-vb.md | 6 +- ...popup-control-without-an-updatepanel-cs.md | 6 +- ...popup-control-without-an-updatepanel-vb.md | 4 +- .../popup/using-multiple-popup-controls-cs.md | 4 +- .../popup/using-multiple-popup-controls-vb.md | 6 +- .../rating/creating-a-rating-control-cs.md | 4 +- .../rating/creating-a-rating-control-vb.md | 4 +- .../drag-and-drop-via-reorderlist-cs.md | 6 +- .../drag-and-drop-via-reorderlist-vb.md | 4 +- .../using-postbacks-with-reorderlist-cs.md | 4 +- .../using-postbacks-with-reorderlist-vb.md | 6 +- .../databinding-the-slider-control-cs.md | 6 +- .../databinding-the-slider-control-vb.md | 4 +- ...he-slider-control-with-auto-postback-cs.md | 4 +- ...he-slider-control-with-auto-postback-vb.md | 6 +- ...using-textboxwatermark-in-a-formview-cs.md | 4 +- ...using-textboxwatermark-in-a-formview-vb.md | 6 +- ...oxwatermark-with-validation-controls-cs.md | 6 +- ...oxwatermark-with-validation-controls-vb.md | 4 +- ...c-concurrency-with-the-sqldatasource-cs.md | 6 +- ...c-concurrency-with-the-sqldatasource-vb.md | 4 +- ...deleting-data-with-the-sqldatasource-cs.md | 6 +- ...deleting-data-with-the-sqldatasource-vb.md | 6 +- ...-data-with-the-sqldatasource-control-cs.md | 4 +- ...-data-with-the-sqldatasource-control-vb.md | 6 +- ...rized-queries-with-the-sqldatasource-cs.md | 6 +- ...rized-queries-with-the-sqldatasource-vb.md | 6 +- .../adding-additional-datatable-columns-cs.md | 6 +- .../adding-additional-datatable-columns-vb.md | 6 +- ...onnection-and-command-level-settings-cs.md | 6 +- ...onnection-and-command-level-settings-vb.md | 6 +- ...or-the-typed-dataset-s-tableadapters-cs.md | 4 +- ...or-the-typed-dataset-s-tableadapters-vb.md | 6 +- ...-defined-functions-with-managed-code-cs.md | 6 +- ...-defined-functions-with-managed-code-vb.md | 4 +- .../debugging-stored-procedures-cs.md | 6 +- .../debugging-stored-procedures-vb.md | 6 +- ...-and-other-configuration-information-cs.md | 6 +- ...-and-other-configuration-information-vb.md | 6 +- ...dating-the-tableadapter-to-use-joins-cs.md | 6 +- ...dating-the-tableadapter-to-use-joins-vb.md | 6 +- ...or-the-typed-dataset-s-tableadapters-cs.md | 6 +- ...or-the-typed-dataset-s-tableadapters-vb.md | 6 +- .../working-with-computed-columns-cs.md | 6 +- .../working-with-computed-columns-vb.md | 6 +- .../declarative-parameters-cs.md | 6 +- .../declarative-parameters-vb.md | 6 +- ...aying-data-with-the-objectdatasource-cs.md | 4 +- ...aying-data-with-the-objectdatasource-vb.md | 6 +- ...-objectdatasource-s-parameter-values-cs.md | 6 +- ...-objectdatasource-s-parameter-values-vb.md | 4 +- .../caching-data-at-application-startup-cs.md | 6 +- .../caching-data-at-application-startup-vb.md | 6 +- .../caching-data-in-the-architecture-cs.md | 6 +- .../caching-data-in-the-architecture-vb.md | 6 +- ...ching-data-with-the-objectdatasource-cs.md | 4 +- ...ching-data-with-the-objectdatasource-vb.md | 6 +- .../using-sql-cache-dependencies-cs.md | 6 +- .../using-sql-cache-dependencies-vb.md | 4 +- ...buttons-in-the-datalist-and-repeater-cs.md | 4 +- ...buttons-in-the-datalist-and-repeater-vb.md | 4 +- ...-responding-to-buttons-to-a-gridview-cs.md | 4 +- ...-responding-to-buttons-to-a-gridview-vb.md | 4 +- .../custom-formatting-based-upon-data-cs.md | 6 +- .../custom-formatting-based-upon-data-vb.md | 8 +- ...information-in-the-gridview-s-footer-cs.md | 6 +- ...information-in-the-gridview-s-footer-vb.md | 4 +- ...atefields-in-the-detailsview-control-cs.md | 6 +- ...atefields-in-the-detailsview-control-vb.md | 6 +- ...mplatefields-in-the-gridview-control-cs.md | 6 +- ...mplatefields-in-the-gridview-control-vb.md | 6 +- .../using-the-formview-s-templates-cs.md | 6 +- .../using-the-formview-s-templates-vb.md | 6 +- ...om-database-driven-site-map-provider-cs.md | 4 +- ...om-database-driven-site-map-provider-vb.md | 4 +- ...h-the-datalist-and-repeater-controls-cs.md | 4 +- ...h-the-datalist-and-repeater-controls-vb.md | 6 +- ...atalist-and-repeater-based-upon-data-cs.md | 8 +- ...atalist-and-repeater-based-upon-data-vb.md | 8 +- .../nested-data-web-controls-cs.md | 6 +- .../nested-data-web-controls-vb.md | 4 +- ...ds-per-row-with-the-datalist-control-cs.md | 6 +- ...ds-per-row-with-the-datalist-control-vb.md | 6 +- ...-to-the-datalist-s-editing-interface-cs.md | 6 +- ...-to-the-datalist-s-editing-interface-vb.md | 6 +- ...ng-and-deleting-data-in-the-datalist-cs.md | 4 +- ...ng-and-deleting-data-in-the-datalist-vb.md | 6 +- ...ing-the-datalist-s-editing-interface-cs.md | 6 +- ...ing-the-datalist-s-editing-interface-vb.md | 4 +- ...andling-bll-and-dal-level-exceptions-cs.md | 6 +- ...andling-bll-and-dal-level-exceptions-vb.md | 6 +- .../performing-batch-updates-cs.md | 6 +- .../performing-batch-updates-vb.md | 6 +- ...ient-side-confirmation-when-deleting-cs.md | 6 +- ...ient-side-confirmation-when-deleting-vb.md | 6 +- ...the-editing-and-inserting-interfaces-cs.md | 6 +- ...the-editing-and-inserting-interfaces-vb.md | 6 +- ...inserting-updating-and-deleting-data-cs.md | 4 +- ...inserting-updating-and-deleting-data-vb.md | 6 +- ...zing-the-data-modification-interface-cs.md | 6 +- ...zing-the-data-modification-interface-vb.md | 6 +- ...with-inserting-updating-and-deleting-cs.md | 6 +- ...with-inserting-updating-and-deleting-vb.md | 6 +- ...-level-exceptions-in-an-asp-net-page-cs.md | 6 +- ...-level-exceptions-in-an-asp-net-page-vb.md | 6 +- .../implementing-optimistic-concurrency-cs.md | 6 +- .../implementing-optimistic-concurrency-vb.md | 6 +- ...tion-functionality-based-on-the-user-cs.md | 6 +- ...tion-functionality-based-on-the-user-vb.md | 4 +- ...ding-a-gridview-column-of-checkboxes-cs.md | 6 +- ...ding-a-gridview-column-of-checkboxes-vb.md | 6 +- ...g-a-gridview-column-of-radio-buttons-cs.md | 4 +- ...g-a-gridview-column-of-radio-buttons-vb.md | 6 +- ...ew-record-from-the-gridview-s-footer-cs.md | 6 +- ...ew-record-from-the-gridview-s-footer-vb.md | 4 +- ...l-filtering-acess-two-pages-datalist-cs.md | 6 +- ...l-filtering-acess-two-pages-datalist-vb.md | 6 +- ...ltering-with-a-dropdownlist-datalist-cs.md | 4 +- ...ltering-with-a-dropdownlist-datalist-vb.md | 6 +- ...ster-records-with-a-details-datalist-cs.md | 6 +- ...ster-records-with-a-details-datalist-vb.md | 4 +- .../creating-a-business-logic-layer-cs.md | 6 +- .../creating-a-business-logic-layer-vb.md | 6 +- .../creating-a-data-access-layer-cs.md | 58 +- .../creating-a-data-access-layer-vb.md | 54 +- .../master-pages-and-site-navigation-cs.md | 6 +- .../master-pages-and-site-navigation-vb.md | 4 +- ...er-detail-filtering-across-two-pages-cs.md | 6 +- ...er-detail-filtering-across-two-pages-vb.md | 6 +- ...detail-filtering-with-a-dropdownlist-cs.md | 4 +- ...detail-filtering-with-a-dropdownlist-vb.md | 6 +- ...ail-filtering-with-two-dropdownlists-cs.md | 6 +- ...ail-filtering-with-two-dropdownlists-vb.md | 6 +- ...r-gridview-with-a-details-detailview-cs.md | 6 +- ...r-gridview-with-a-details-detailview-vb.md | 4 +- ...ta-in-a-datalist-or-repeater-control-cs.md | 4 +- ...ta-in-a-datalist-or-repeater-control-vb.md | 6 +- ...ta-in-a-datalist-or-repeater-control-cs.md | 6 +- ...ta-in-a-datalist-or-repeater-control-vb.md | 4 +- ...-a-customized-sorting-user-interface-cs.md | 6 +- ...-a-customized-sorting-user-interface-vb.md | 4 +- ...paging-through-large-amounts-of-data-cs.md | 12 +- ...paging-through-large-amounts-of-data-vb.md | 12 +- .../paging-and-sorting-report-data-cs.md | 4 +- .../paging-and-sorting-report-data-vb.md | 6 +- .../sorting-custom-paged-data-cs.md | 6 +- .../sorting-custom-paged-data-vb.md | 6 +- .../batch-deleting-cs.md | 6 +- .../batch-deleting-vb.md | 6 +- .../batch-inserting-cs.md | 6 +- .../batch-inserting-vb.md | 4 +- .../batch-updating-cs.md | 6 +- .../batch-updating-vb.md | 6 +- ...e-modifications-within-a-transaction-cs.md | 4 +- ...e-modifications-within-a-transaction-vb.md | 6 +- ...binary-data-in-the-data-web-controls-cs.md | 6 +- ...binary-data-in-the-data-web-controls-vb.md | 6 +- ...load-option-when-adding-a-new-record-cs.md | 6 +- ...load-option-when-adding-a-new-record-vb.md | 6 +- ...ng-and-deleting-existing-binary-data-cs.md | 6 +- ...ng-and-deleting-existing-binary-data-vb.md | 4 +- .../uploading-files-cs.md | 4 +- .../uploading-files-vb.md | 6 +- .../advanced-enterprise-web-deployment.md | 4 +- ...e-deployments-for-multiple-environments.md | 6 +- ...e-role-memberships-to-test-environments.md | 6 +- ...ip-databases-to-enterprise-environments.md | 6 +- ...uding-files-and-folders-from-deployment.md | 18 +- .../performing-a-what-if-deployment.md | 6 +- ...hell-scripts-from-msbuild-project-files.md | 6 +- ...eb-applications-offline-with-web-deploy.md | 6 +- .../troubleshooting-the-packaging-process.md | 4 +- ...ng-the-right-approach-to-web-deployment.md | 6 +- ...tabase-server-for-web-deploy-publishing.md | 12 +- ...eb-deploy-publishing-offline-deployment.md | 12 +- ...-for-web-deploy-publishing-remote-agent.md | 14 +- ...eb-deploy-publishing-web-deploy-handler.md | 12 +- ...ent-properties-for-a-target-environment.md | 28 +- ...-server-environments-for-web-deployment.md | 4 +- ...server-farm-with-the-web-farm-framework.md | 8 +- ...oduction-environment-for-web-deployment.md | 6 +- ...-staging-environment-for-web-deployment.md | 6 +- ...g-a-test-environment-for-web-deployment.md | 6 +- .../adding-content-to-source-control.md | 6 +- ...g-a-tfs-build-server-for-web-deployment.md | 6 +- ...g-permissions-for-team-build-deployment.md | 4 +- ...am-foundation-server-for-web-deployment.md | 4 +- ...ild-definition-that-supports-deployment.md | 6 +- .../creating-a-team-project-in-tfs.md | 16 +- .../deploying-a-specific-build.md | 6 +- ...nagement-from-development-to-production.md | 4 +- ...eb-applications-in-enterprise-scenarios.md | 4 +- ...rprise-web-deployment-scenario-overview.md | 6 +- .../command-line-deployment.md | 6 +- .../deploying-a-code-update.md | 6 +- .../deploying-a-database-update.md | 6 +- .../deploying-extra-files.md | 6 +- .../deploying-to-iis.md | 18 +- .../deploying-to-production.md | 20 +- .../introduction.md | 4 +- .../preparing-databases.md | 14 +- .../project-properties.md | 6 +- .../setting-folder-permissions.md | 6 +- .../troubleshooting.md | 8 +- .../web-config-transformations.md | 6 +- ...-and-packaging-web-application-projects.md | 10 +- ...g-parameters-for-web-package-deployment.md | 6 +- ...g-and-running-a-deployment-command-file.md | 6 +- .../deploying-database-projects.md | 8 +- .../deploying-web-packages.md | 6 +- .../manually-installing-web-packages.md | 4 +- ...setting-up-the-contact-manager-solution.md | 6 +- .../the-contact-manager-solution.md | 6 +- .../understanding-the-build-process.md | 6 +- .../understanding-the-project-file.md | 12 +- .../web-deployment-in-the-enterprise.md | 4 +- .../code-editing-in-web-forms-pages.md | 10 +- .../creating-a-basic-web-forms-page.md | 8 +- .../aspnet-error-handling.md | 16 +- .../checkout-and-payment-with-paypal.md | 46 +- .../create-the-project.md | 6 +- .../create_the_data_access_layer.md | 12 +- .../display_data_items_and_details.md | 8 +- .../introduction-and-overview.md | 8 +- .../membership-and-administration.md | 34 +- .../shopping-cart.md | 12 +- .../ui_and_navigation.md | 14 +- .../url-routing.md | 6 +- ...ng-page-inspector-in-visual-studio-2012.md | 22 +- ...d-web-development-in-visual-studio-2012.md | 66 +- .../whats-new-in-web-forms-in-aspnet-45.md | 50 +- .../overview/moving-to-aspnet-20/caching.md | 15 +- .../data-bound-controls.md | 2 +- .../moving-to-aspnet-20/master-pages.md | 6 +- .../profiles-themes-and-web-parts.md | 22 +- .../the-asp-net-2-0-page-model.md | 18 +- ...cation-and-profile-application-services.md | 6 +- ...ing-asp-net-ajax-debugging-capabilities.md | 4 +- ...understanding-asp-net-ajax-localization.md | 6 +- ...nding-asp-net-ajax-updatepanel-triggers.md | 6 +- ...understanding-asp-net-ajax-web-services.md | 6 +- ...-partial-page-updates-with-asp-net-ajax.md | 14 +- ...framework-in-an-asp-net-web-application.md | 6 +- ...framework-in-an-asp-net-web-application.md | 6 +- ...tasource-control-part-1-getting-started.md | 4 +- ...g-a-business-logic-layer-and-unit-tests.md | 6 +- ...ce-control-part-3-sorting-and-filtering.md | 6 +- .../what-s-new-in-the-entity-framework-4.md | 4 +- .../asp-net-hosting-options-cs.md | 4 +- .../asp-net-hosting-options-vb.md | 8 +- ...s-between-development-and-production-cs.md | 6 +- ...s-between-development-and-production-vb.md | 6 +- ...bsite-that-uses-application-services-cs.md | 6 +- ...bsite-that-uses-application-services-vb.md | 6 +- ...ation-to-use-the-production-database-cs.md | 8 +- ...ation-to-use-the-production-database-vb.md | 8 +- ...s-and-the-asp-net-development-server-cs.md | 6 +- ...s-and-the-asp-net-development-server-vb.md | 6 +- .../deploying-a-database-cs.md | 6 +- .../deploying-a-database-vb.md | 6 +- ...loying-your-site-using-an-ftp-client-cs.md | 6 +- ...loying-your-site-using-an-ftp-client-vb.md | 6 +- ...loying-your-site-using-visual-studio-cs.md | 6 +- ...loying-your-site-using-visual-studio-vb.md | 6 +- ...ining-what-files-need-to-be-deployed-cs.md | 6 +- ...ining-what-files-need-to-be-deployed-vb.md | 6 +- .../displaying-a-custom-error-page-cs.md | 6 +- .../displaying-a-custom-error-page-vb.md | 6 +- ...tails-with-asp-net-health-monitoring-cs.md | 6 +- ...tails-with-asp-net-health-monitoring-vb.md | 6 +- .../logging-error-details-with-elmah-cs.md | 6 +- .../logging-error-details-with-elmah-vb.md | 6 +- .../precompiling-your-website-cs.md | 6 +- .../precompiling-your-website-vb.md | 6 +- .../processing-unhandled-exceptions-cs.md | 6 +- .../processing-unhandled-exceptions-vb.md | 6 +- ...-database-development-and-deployment-cs.md | 6 +- ...-database-development-and-deployment-vb.md | 6 +- ...-and-roles-on-the-production-website-cs.md | 6 +- ...-and-roles-on-the-production-website-vb.md | 4 +- ...-configuring-project-properties-4-of-12.md | 6 +- ...installing-deployment-packages-12-of-12.md | 4 +- ...er-deploying-a-code-only-update-8-of-12.md | 6 +- ...der-deploying-a-database-update-9-of-12.md | 6 +- ...g-a-sql-server-database-update-11-of-12.md | 6 +- ...ng-sql-server-compact-databases-2-of-12.md | 6 +- ...ng-to-iis-as-a-test-environment-5-of-12.md | 6 +- ...g-to-the-production-environment-7-of-12.md | 6 +- ...a-hosting-provider-introduction-1-of-12.md | 4 +- ...ovider-migrating-to-sql-server-10-of-12.md | 8 +- ...ider-setting-folder-permissions-6-of-12.md | 6 +- ...web-config-file-transformations-3-of-12.md | 6 +- ...ework-and-aspnet-getting-started-part-1.md | 4 +- ...ework-and-aspnet-getting-started-part-2.md | 6 +- ...ework-and-aspnet-getting-started-part-3.md | 6 +- ...ework-and-aspnet-getting-started-part-4.md | 6 +- ...ework-and-aspnet-getting-started-part-5.md | 8 +- ...ework-and-aspnet-getting-started-part-6.md | 8 +- ...ework-and-aspnet-getting-started-part-7.md | 6 +- ...ework-and-aspnet-getting-started-part-8.md | 4 +- .../control-id-naming-in-content-pages-cs.md | 6 +- .../control-id-naming-in-content-pages-vb.md | 6 +- ...-site-wide-layout-using-master-pages-cs.md | 6 +- ...-site-wide-layout-using-master-pages-vb.md | 8 +- ...he-content-page-from-the-master-page-cs.md | 6 +- ...he-content-page-from-the-master-page-vb.md | 6 +- ...he-master-page-from-the-content-page-cs.md | 6 +- ...he-master-page-from-the-content-page-vb.md | 6 +- .../master-pages-and-asp-net-ajax-cs.md | 6 +- .../master-pages-and-asp-net-ajax-vb.md | 6 +- ...tentplaceholders-and-default-content-cs.md | 6 +- ...tentplaceholders-and-default-content-vb.md | 6 +- .../master-pages/nested-master-pages-cs.md | 6 +- .../master-pages/nested-master-pages-vb.md | 4 +- ...ing-the-master-page-programmatically-cs.md | 6 +- ...ing-the-master-page-programmatically-vb.md | 6 +- ...ther-html-headers-in-the-master-page-cs.md | 6 +- ...ther-html-headers-in-the-master-page-vb.md | 6 +- .../master-pages/urls-in-master-pages-cs.md | 6 +- .../master-pages/urls-in-master-pages-vb.md | 6 +- .../tailspin-spyworks-part-1.md | 4 +- .../tailspin-spyworks-part-2.md | 6 +- .../tailspin-spyworks-part-3.md | 6 +- .../tailspin-spyworks-part-4.md | 6 +- .../tailspin-spyworks-part-5.md | 6 +- .../tailspin-spyworks-part-6.md | 6 +- .../tailspin-spyworks-part-7.md | 6 +- .../tailspin-spyworks-part-8.md | 4 +- ...to-select-one-user-account-from-many-cs.md | 4 +- ...to-select-one-user-account-from-many-vb.md | 6 +- .../recovering-and-changing-passwords-cs.md | 6 +- .../recovering-and-changing-passwords-vb.md | 6 +- ...nlocking-and-approving-user-accounts-cs.md | 6 +- ...nlocking-and-approving-user-accounts-vb.md | 4 +- .../an-overview-of-forms-authentication-cs.md | 6 +- .../an-overview-of-forms-authentication-vb.md | 6 +- ...on-configuration-and-advanced-topics-cs.md | 33 +- ...on-configuration-and-advanced-topics-vb.md | 31 +- .../security-basics-and-asp-net-support-cs.md | 4 +- .../security-basics-and-asp-net-support-vb.md | 6 +- ...-the-membership-schema-in-sql-server-cs.md | 8 +- ...-the-membership-schema-in-sql-server-vb.md | 10 +- .../membership/creating-user-accounts-cs.md | 6 +- .../membership/creating-user-accounts-vb.md | 6 +- .../storing-additional-user-information-cs.md | 18 +- .../storing-additional-user-information-vb.md | 16 +- .../membership/user-based-authorization-cs.md | 8 +- .../membership/user-based-authorization-vb.md | 8 +- ...ls-against-the-membership-user-store-cs.md | 6 +- ...ls-against-the-membership-user-store-vb.md | 6 +- .../roles/assigning-roles-to-users-cs.md | 6 +- .../roles/assigning-roles-to-users-vb.md | 6 +- .../roles/creating-and-managing-roles-cs.md | 8 +- .../roles/creating-and-managing-roles-vb.md | 10 +- .../roles/role-based-authorization-cs.md | 30 +- .../roles/role-based-authorization-vb.md | 28 +- ...using-asynchronous-methods-in-aspnet-45.md | 10 +- .../adding-business-logic-layer.md | 4 +- .../model-binding/integrating-jquery-ui.md | 6 +- .../model-binding/retrieving-data.md | 4 +- .../sorting-paging-and-filtering-data.md | 6 +- .../updating-deleting-and-creating-data.md | 6 +- ...ng-query-string-values-to-retrieve-data.md | 6 +- ...n-email-confirmation-and-password-reset.md | 10 +- ...-app-with-sms-two-factor-authentication.md | 6 +- .../ajax-control-toolkit/color-picker.md | 6 +- .../videos/ajax-control-toolkit/combo-box.md | 6 +- .../ajax-control-toolkit/control-extenders.md | 6 +- .../create-a-new-custom-extender.md | 4 +- .../editor-control-custom.md | 6 +- .../ajax-control-toolkit/editor-control.md | 6 +- ...figure-the-aspnet-ajax-calendar-control.md | 6 +- ...-aspnet-ajax-animation-extender-control.md | 6 +- ...ed-with-the-aspnet-ajax-control-toolkit.md | 4 +- ...w-do-i-the-ajax-toolkit-reorder-control.md | 6 +- ...i-use-the-aspnet-ajax-accordion-control.md | 6 +- ...net-ajax-alwaysvisible-control-extender.md | 6 +- ...se-the-aspnet-ajax-autocomplete-control.md | 6 +- ...ajax-cascadingdropdown-control-extender.md | 6 +- ...-aspnet-ajax-collapsable-panel-extender.md | 6 +- ...-the-aspnet-ajax-confirmbutton-extender.md | 6 +- ...he-aspnet-ajax-draggable-panel-extender.md | 6 +- ...-i-use-the-aspnet-ajax-dropdown-control.md | 6 +- ...use-the-aspnet-ajax-dropshadow-extender.md | 6 +- ...he-aspnet-ajax-dynamicpopulate-extender.md | 6 +- ...he-aspnet-ajax-filteredtextbox-extender.md | 6 +- ...-use-the-aspnet-ajax-hovermenu-extender.md | 6 +- ...use-the-aspnet-ajax-listsearch-extender.md | 6 +- ...use-the-aspnet-ajax-maskededit-controls.md | 6 +- ...aspnet-ajax-modalpopup-extender-control.md | 6 +- ...jax-mutuallyexclusive-checkbox-extender.md | 6 +- ...-do-i-use-the-aspnet-ajax-nobot-control.md | 6 +- ...e-aspnet-ajax-passwordstrength-extender.md | 6 +- ...-the-aspnet-ajax-popup-control-extender.md | 6 +- ...e-aspnet-ajax-resizablecontrol-extender.md | 6 +- ...do-i-use-the-aspnet-ajax-slider-control.md | 6 +- ...-use-the-aspnet-ajax-slideshow-extender.md | 6 +- ...w-do-i-use-the-aspnet-ajax-tabs-control.md | 6 +- ...-ajax-textboxwatermark-control-extender.md | 6 +- ...e-the-aspnet-ajax-togglebutton-extender.md | 6 +- ...pnet-ajax-updatepanelanimation-extender.md | 6 +- ...e-aspnet-ajax-validatorcallout-extender.md | 6 +- ...-use-the-numericupdown-extender-control.md | 6 +- ...the-pagingbulletedlist-extender-control.md | 6 +- ...ax-rating-control-in-the-aspnet-toolkit.md | 6 +- ...unctionality-to-an-existing-aspnet-page.md | 6 +- ...-data-services-with-aspnet-ajax-support.md | 6 +- ...net-ajax-a-demonstration-of-aspnet-ajax.md | 6 +- ...pnet-ajax-support-in-visual-studio-2008.md | 4 +- ...-ajax-enabled-web-service-in-a-web-site.md | 6 +- .../introduction-to-aspnet-ajax-history.md | 6 +- ...t-combining-to-improve-ajax-performance.md | 4 +- .../data-controls/the-datapager-control.md | 4 +- .../data-controls/the-listview-control.md | 4 +- ...-css-file-and-create-new-css-on-the-fly.md | 6 +- ...ing-style-sheet-features-and-management.md | 6 +- ...ding-style-sheets-in-visual-studio-2008.md | 6 +- ...-20-windows-forms-application-to-net-35.md | 6 +- ...ate-a-master-page-in-visual-studio-2008.md | 4 +- ...ested-master-page-in-visual-studio-2008.md | 6 +- ...i-get-started-with-the-entity-framework.md | 6 +- ...alize-a-graph-with-the-entity-framework.md | 6 +- ...the-aspnet-compiler-and-merge-utilities.md | 4 +- ...how-do-i-use-the-new-entity-data-source.md | 6 +- ...g-with-visual-studio-2008-net-framework.md | 6 +- .../creating-and-modifying-a-css-file.md | 4 +- ...ntellisense-for-jscript-and-aspnet-ajax.md | 6 +- ...ascript-debugging-in-visual-studio-2008.md | 6 +- ...ellisense-support-in-visual-studio-2008.md | 6 +- ...targeting-support-in-visual-studio-2008.md | 6 +- ...-designer-support-in-visual-studio-2008.md | 4 +- ...2008-integrated-development-environment.md | 6 +- ...tication-in-an-ajax-enabled-application.md | 6 +- ...features-to-an-existing-web-application.md | 6 +- ...net-ajax-enable-an-existing-web-service.md | 6 +- ...-behavior-with-an-aspnet-server-control.md | 6 +- ...ild-a-custom-aspnet-ajax-server-control.md | 6 +- ...s-that-work-with-or-without-aspnet-ajax.md | 6 +- ...se-between-methods-of-ajax-page-updates.md | 6 +- ...te-an-aspnet-ajax-extender-from-scratch.md | 6 +- ...andling-for-the-aspnet-ajax-updatepanel.md | 6 +- ...x-applications-using-visual-studio-2005.md | 6 +- ...r-an-asynchronous-postback-has-occurred.md | 6 +- .../how-do-i-get-started-with-aspnet-ajax.md | 4 +- ...c-partial-page-updates-with-aspnet-ajax.md | 6 +- ...ement-the-ajax-after-processing-pattern.md | 6 +- ...e-ajax-incremental-page-display-pattern.md | 6 +- ...-do-i-implement-the-ajax-paging-pattern.md | 6 +- ...display-pattern-using-http-get-and-post.md | 6 +- ...mmunications-pattern-using-web-services.md | 6 +- ...unications-pattern-with-the-updatepanel.md | 6 +- ...t-the-predictive-fetch-pattern-for-ajax.md | 6 +- ...o-i-localize-an-aspnet-ajax-application.md | 6 +- ...side-network-callbacks-with-aspnet-ajax.md | 6 +- ...e-values-from-server-side-ajax-controls.md | 6 +- ...nel-refresh-from-a-dropdownlist-control.md | 6 +- ...iple-regions-of-a-page-with-aspnet-ajax.md | 6 +- ...i-use-an-aspnet-ajax-scriptmanagerproxy.md | 6 +- ...w-do-i-use-aspnet-ajax-client-templates.md | 4 +- ...t-to-refresh-an-aspnet-ajax-updatepanel.md | 6 +- ...er-interface-libraries-with-aspnet-ajax.md | 6 +- ...the-aspnet-ajax-client-library-controls.md | 6 +- ...o-i-use-the-aspnet-ajax-history-control.md | 6 +- ...-i-use-the-aspnet-ajax-profile-services.md | 6 +- ...the-aspnet-ajax-roundedcorners-extender.md | 6 +- ...-do-i-use-the-aspnet-ajax-timer-control.md | 6 +- ...-the-aspnet-ajax-updateprogress-control.md | 6 +- ...nditional-updatemode-of-the-updatepanel.md | 6 +- ...-dynamically-add-controls-to-a-web-page.md | 6 +- ...e-css-using-the-aspnet-ajax-updatepanel.md | 6 +- ...mplement-infinite-data-patterns-in-ajax.md | 6 +- ...r-development-environment-for-aspnet-20.md | 6 +- ...r-development-environment-for-aspnet-35.md | 6 +- ...for-triggering-updates-to-update-panels.md | 6 +- ...-drop-down-control-to-access-a-database.md | 6 +- ...net-dynamic-data-custom-form-formatting.md | 4 +- ...tes-in-aspnet-dynamic-data-applications.md | 6 +- ...amic-data-applications-with-url-routing.md | 6 +- ...ing-in-aspnet-dynamic-data-applications.md | 6 +- .../getting-started-with-dynamic-data.md | 6 +- .../how-do-i-change-how-my-fields-render.md | 6 +- .../how-do-i-display-unknown-datatypes.md | 6 +- ...how-do-i-enable-inline-gridview-editing.md | 6 +- ...w-do-i-handle-business-logic-exceptions.md | 6 +- .../how-do-i-make-custom-pages.md | 6 +- ...ol-in-listview-and-detailsview-controls.md | 6 +- ...s-in-an-aspnet-dynamic-data-application.md | 6 +- ...ic-routing-in-dynamic-data-applications.md | 6 +- ...dation-with-imperative-logic-in-vb-or-c.md | 6 +- ...olumns-from-your-dynamicdata-data-grids.md | 6 +- ...ion-in-aspnet-dynamic-data-applications.md | 6 +- ...first-scaffold-and-what-is-dynamic-data.md | 4 +- .../aspnet-45-web-forms-model-binding.md | 6 +- ...45-web-forms-strong-typed-data-controls.md | 6 +- .../aspnet-and-web-tools-20122.md | 4 +- ...-vnext-videos-bundling-and-minification.md | 6 +- ...eos-model-binding-part-1-selecting-data.md | 6 +- ...t-videos-model-binding-part-2-filtering.md | 6 +- ...xt-videos-model-binding-part-3-updating.md | 6 +- ...ext-videos-strongly-typed-data-controls.md | 4 +- ...started-with-the-next-version-of-aspnet.md | 6 +- ...ustom-data-to-the-authentication-method.md | 6 +- .../adding-users-to-your-membership-system.md | 6 +- .../asp-forms-login-relocation.md | 6 +- ...ttings-in-the-default-membership-schema.md | 6 +- ...ing-sql-to-work-with-membership-schemas.md | 6 +- .../authentication/creating-inactive-users.md | 6 +- ...creating-user-accounts-programmatically.md | 6 +- ...er-accounts-with-the-create-user-wizard.md | 6 +- .../forms-login-custom-key-configuration.md | 6 +- ...nge-the-forms-authentication-properties.md | 6 +- ...authentication-in-an-aspnet-application.md | 6 +- ...t-the-registration-verification-pattern.md | 6 +- ...gging-users-into-your-membership-system.md | 6 +- .../simple-web-service-authentication.md | 6 +- .../authentication/sql-injection-defense.md | 4 +- .../understanding-aspnet-memberships.md | 6 +- .../use-custom-principal-objects.md | 6 +- ...ng-basic-forms-authentication-in-aspnet.md | 4 +- .../validating-users-manually.md | 6 +- ...validating-users-with-the-login-control.md | 6 +- ...arted-with-visual-web-developer-express.md | 4 +- ...n-2-creating-a-web-forms-user-interface.md | 6 +- ...standing-more-about-events-and-postback.md | 6 +- ...n-4-understanding-web-application-state.md | 6 +- ...on-5-debugging-and-tracing-your-website.md | 6 +- ...rking-with-stylesheets-and-master-pages.md | 6 +- ...-databinding-to-user-interface-controls.md | 6 +- ...-working-with-the-gridview-and-formview.md | 6 +- .../watch-aspnet-development-in-action.md | 4 +- ...ta-access-layers-in-aspnet-applications.md | 4 +- ...o-manually-bind-a-dataset-to-a-datagrid.md | 6 +- ...ets-and-filters-from-an-asp-application.md | 4 +- ...-do-i-linq-to-sql-custom-linqdatasource.md | 6 +- .../how-do-i-linq-to-sql-data-model.md | 6 +- ...o-i-linq-to-sql-executing-arbitrary-sql.md | 4 +- .../how-do-i-linq-to-sql-linqdatasource.md | 6 +- .../how-do-i-linq-to-sql-overview.md | 4 +- ...-do-i-linq-to-sql-querying-the-database.md | 6 +- ...-do-i-linq-to-sql-updating-the-database.md | 6 +- ...-to-sql-updating-with-stored-procedures.md | 6 +- ...o-i-linq-to-sql-using-stored-procedures.md | 6 +- ...te-excel-spreadsheets-using-linq-to-xml.md | 4 +- ...do-i-create-xml-documents-from-sql-data.md | 6 +- ...xml-intellisense-and-use-xml-namespaces.md | 6 +- .../how-do-i-get-started-with-linq-to-xml.md | 6 +- .../how-do-i-get-started-with-linq.md | 4 +- ...o-i-perform-group-and-aggregate-queries.md | 6 +- ...de-visual-basic-projects-to-enable-linq.md | 6 +- .../videos/iis/bit-rate-throttling.md | 6 +- .../iis/creating-a-site-with-iis7-manager.md | 6 +- ...oping-and-deploying-in-a-shared-hosting.md | 4 +- .../feature-specific-delegated-management.md | 6 +- aspnet/web-forms/videos/iis/iis7-playlists.md | 4 +- .../web-forms/videos/iis/installing-ftp7.md | 6 +- .../troubleshooting-production-aspnet-apps.md | 6 +- .../iis/working-with-iis7-deligated-admin.md | 6 +- ...op-between-php-and-the-windows-platform.md | 4 +- ...tro-to-aspnet-20-aspnet-20-fundamentals.md | 4 +- ...ro-to-aspnet-20-user-interface-elements.md | 6 +- ...lopers-adding-aspnet-to-your-repertoire.md | 6 +- ...or-jsp-developers-building-applications.md | 6 +- ...for-jsp-developers-welcome-to-aspnet-20.md | 6 +- ...velopers-building-an-aspnet-application.md | 6 +- .../migrating-from-classic-asp-to-aspnet.md | 6 +- .../aspnet-4-quick-hit-ajax-data-templates.md | 4 +- ...ntax-for-microsoft-client-side-controls.md | 4 +- ...ck-hit-jquery-syntax-for-microsoft-ajax.md | 6 +- .../aspnet-4-quick-hit-the-scriptloader.md | 6 +- ...new-chart-control-in-visual-studio-2010.md | 4 +- .../chart/aspnet-4-quick-hit-chart-control.md | 4 +- .../core/aspnet-4-quick-hit-auto-start.md | 4 +- ...spnet-4-quick-hit-clean-webconfig-files.md | 6 +- ...pnet-4-quick-hit-predictable-client-ids.md | 6 +- ...uick-hit-the-htmlencoder-utility-method.md | 4 +- ...et-4-quick-hit-disabled-control-styling.md | 4 +- .../aspnet-4-quick-hit-hidden-field-divs.md | 6 +- ...-check-box-lists-and-radio-button-lists.md | 4 +- ...quick-hit-table-free-templated-controls.md | 6 +- ...pnet-4-quick-hit-tableless-menu-control.md | 6 +- ...pnet-4-quick-hit-easy-state-compression.md | 6 +- ...aspnet-4-quick-hit-selective-view-state.md | 4 +- ...atemode-property-for-managing-viewstate.md | 4 +- ...-quick-hit-declarative-webforms-routing.md | 6 +- ...4-quick-hit-imperative-webforms-routing.md | 6 +- ...t-4-quick-hit-outbound-webforms-routing.md | 6 +- .../aspnet-4-quick-hit-permanent-redirect.md | 4 +- ...-do-i-use-routing-with-aspnet-web-forms.md | 6 +- ...w-do-i-work-with-urls-in-aspnet-routing.md | 4 +- ...usiness-intelligence-development-studio.md | 6 +- ...tion-to-sql-server-2005-express-edition.md | 6 +- .../creating-and-using-stored-procedures.md | 6 +- .../designing-relational-database-tables.md | 6 +- ...ling-full-text-search-in-your-text-data.md | 4 +- ...getting-started-with-reporting-services.md | 6 +- .../sql-2005/manipulating-database-data.md | 6 +- ...-column-data-types-and-other-properties.md | 6 +- .../more-structured-query-language.md | 6 +- ...derstanding-database-tables-and-records.md | 6 +- ...nding-security-and-network-connectivity.md | 6 +- .../using-sql-server-management-studio.md | 6 +- .../videos/sql-2005/what-is-a-database.md | 4 +- ...works-adding-items-to-the-shopping-cart.md | 6 +- ...in-spyworks-adding-user-product-reviews.md | 6 +- .../tailspin-spyworks-category-menu.md | 6 +- ...-and-using-the-popular-products-control.md | 4 +- ...ailspin-spyworks-directory-organization.md | 6 +- ...in-spyworks-display-per-product-details.md | 6 +- ...tailspin-spyworks-display-shopping-cart.md | 6 +- ...lspin-spyworks-display-the-product-list.md | 6 +- ...ilspin-spyworks-displaying-user-reviews.md | 4 +- .../tailspin-spyworks-final-check-out.md | 6 +- ...ng-and-using-the-also-purchased-control.md | 6 +- .../tailspin-spyworks-intro-ui-and-edm.md | 6 +- ...spin-spyworks-migrate-the-shopping-cart.md | 6 +- ...lspin-spyworks-update-the-shopping-cart.md | 6 +- ...o-2010-quick-hit-code-optimized-profile.md | 4 +- ...10-quick-hit-code-search-view-hierarchy.md | 6 +- ...2010-quick-hit-intellisense-smart-lists.md | 6 +- ...io-2010-quick-hit-multi-monitor-support.md | 6 +- ...udio-2010-quick-hit-new-multi-targeting.md | 6 +- ...2010-quick-hit-new-web-project-template.md | 6 +- ...io-2010-quick-hit-snippets-intellisense.md | 4 +- ...ck-hit-websites-instead-of-web-projects.md | 6 +- .../code-coverage-of-automated-tests.md | 6 +- ...om-extraction-rules-and-coded-web-tests.md | 6 +- ...-do-i-automate-testing-using-team-build.md | 6 +- .../how-do-i-create-my-own-bug-work-item.md | 6 +- ...y-a-web-application-during-a-team-build.md | 6 +- ...application-changes-prior-to-deployment.md | 6 +- ...nd-profiling-in-production-applications.md | 6 +- ...rce-coding-standards-with-code-analysis.md | 6 +- ...inuous-integration-with-team-foundation.md | 6 +- ...-integrate-defect-tracking-with-testing.md | 6 +- .../how-do-i-load-test-a-web-application.md | 6 +- ...w-do-i-practice-test-driven-development.md | 6 +- ...w-do-i-publish-and-analyze-test-results.md | 6 +- ...-unit-tests-against-a-deployed-database.md | 6 +- ...uted-load-testing-for-high-volume-tests.md | 6 +- ...-application-performance-with-profiling.md | 6 +- .../vs-2005/how-do-i-use-generic-tests.md | 6 +- ...write-code-more-quickly-with-unit-tests.md | 6 +- ...sting-web-applications-with-team-system.md | 6 +- ...ging-and-running-tests-with-team-system.md | 6 +- ...tion-to-manual-testing-with-team-system.md | 6 +- ...sting-web-applications-with-team-system.md | 6 +- ...uction-to-unit-testing-with-team-system.md | 4 +- .../measuring-the-business-value-of-ajax.md | 6 +- .../videos/vs-2005/the-effects-of-caching.md | 6 +- .../vs-2005/the-effects-of-viewstate.md | 6 +- .../vs-2005/using-the-load-test-agent.md | 6 +- ...cation-projects-web-deployment-projects.md | 4 +- .../videos/vs-2005/web-deployment-projects.md | 6 +- .../asp-net-web-pages-api-reference.md | 2 +- .../overview/data/5-working-with-data.md | 2 +- .../data/7-displaying-data-in-a-chart.md | 2 +- .../11-adding-email-to-your-web-site.md | 34 +- ...ding-social-networking-to-your-web-site.md | 6 +- .../deleting-data.md | 6 +- .../displaying-data.md | 6 +- .../entering-data.md | 8 +- .../form-basics.md | 6 +- .../getting-started.md | 4 +- .../intro-to-web-pages-programming.md | 8 +- .../introducing-aspnet-web-pages-2/layouts.md | 8 +- .../publishing.md | 8 +- .../updating-data.md | 8 +- .../introducing-razor-syntax-c.md | 46 +- .../introducing-razor-syntax-vb.md | 42 +- ...gram-asp-net-web-pages-in-visual-studio.md | 2 +- ...pnet-web-pages-sites-for-mobile-devices.md | 2 +- ...et-web-pages-2-developer-preview-readme.md | 2 +- .../running-v1-and-v2-sites-side-by-side.md | 2 +- .../releases/top-features-in-web-pages-2.md | 12 +- .../whats-new-in-aspnet-web-pages-32.md | 3 +- .../16-adding-security-and-membership.md | 48 +- ...t-web-pages-razor-troubleshooting-guide.md | 2 +- .../introduction-to-debugging.md | 16 +- .../18-customizing-site-wide-behavior.md | 28 +- ...laying-maps-in-an-aspnet-web-pages-site.md | 12 +- .../installing-helpers.md | 6 +- ...ng-user-input-in-aspnet-web-pages-sites.md | 20 +- aspnet/web-pages/readme/beta3.md | 22 +- aspnet/web-pages/readme/overview.md | 15 +- .../adding-email-to-your-web-site.md | 6 +- .../adding-search-to-your-web-site.md | 6 +- ...dding-social-networking-to-your-website.md | 4 +- .../creating-a-consistent-look-part-1.md | 6 +- .../creating-a-consistent-look-part-2.md | 6 +- .../displaying-data-in-a-chart-part-1.md | 6 +- .../displaying-data-in-a-chart-part-2.md | 6 +- .../displaying-data-in-a-grid.md | 6 +- ...ted-with-webmatrix-and-aspnet-web-pages.md | 4 +- ...-web-programming-using-the-razor-syntax.md | 6 +- .../working-with-data-part-1.md | 6 +- .../working-with-data-part-2.md | 6 +- .../aspnet-razor-pages/working-with-files.md | 6 +- .../working-with-forms-part-1.md | 6 +- .../working-with-forms-part-2.md | 6 +- .../aspnet-razor-pages/working-with-images.md | 6 +- .../aspnet-razor-pages/working-with-video.md | 6 +- aspnet/webhooks/receiving/receivers.md | 2 +- ...o-your-aspnet-web-forms-mvc-application.md | 4 +- .../whitepapers/aspnet4/breaking-changes.md | 2 +- aspnet/whitepapers/aspnet4/overview.md | 4 +- aspnet/whitepapers/ms03-32-issue.md | 4 +- aspnet/whitepapers/mvc3-release-notes.md | 4 +- aspnet/whitepapers/mvc4-beta-release-notes.md | 22 +- aspnet/whitepapers/mvc4-release-notes.md | 21 +- aspnetcore/client-side/bower.md | 10 +- .../client-side/bundling-and-minification.md | 22 +- aspnetcore/client-side/spa-services.md | 5 +- aspnetcore/client-side/using-grunt.md | 26 +- aspnetcore/data/ef-mvc/advanced.md | 4 +- aspnetcore/data/ef-mvc/complex-data-model.md | 6 +- aspnetcore/data/ef-mvc/concurrency.md | 6 +- aspnetcore/data/ef-mvc/crud.md | 6 +- aspnetcore/data/ef-mvc/index.md | 2 +- aspnetcore/data/ef-mvc/inheritance.md | 6 +- aspnetcore/data/ef-mvc/intro.md | 10 +- aspnetcore/data/ef-mvc/migrations.md | 6 +- aspnetcore/data/ef-mvc/sort-filter-page.md | 6 +- aspnetcore/data/ef-mvc/update-related-data.md | 6 +- aspnetcore/data/ef-rp/complex-data-model.md | 18 +- aspnetcore/data/ef-rp/concurrency.md | 18 +- aspnetcore/data/ef-rp/crud.md | 8 +- aspnetcore/data/ef-rp/intro.md | 10 +- aspnetcore/data/ef-rp/migrations.md | 8 +- aspnetcore/data/ef-rp/read-related-data.md | 28 +- aspnetcore/data/ef-rp/sort-filter-page.md | 8 +- aspnetcore/data/ef-rp/update-related-data.md | 8 +- aspnetcore/docfx.json | 7 +- aspnetcore/fundamentals/app-state.md | 27 +- .../fundamentals/configuration/index.md | 12 +- aspnetcore/fundamentals/hosting.md | 9 +- aspnetcore/fundamentals/index.md | 18 +- aspnetcore/fundamentals/logging/index.md | 40 +- aspnetcore/fundamentals/metapackage.md | 4 +- aspnetcore/fundamentals/owin.md | 1 + aspnetcore/fundamentals/servers/httpsys.md | 17 +- aspnetcore/fundamentals/servers/kestrel.md | 42 +- aspnetcore/fundamentals/static-files.md | 9 +- aspnetcore/fundamentals/url-rewriting.md | 63 +- .../url-rewriting/sample/README.md | 14 +- aspnetcore/getting-started.md | 10 +- .../azure-apps/azure-continuous-deployment.md | 4 +- .../host-and-deploy/azure-apps/index.md | 2 +- .../azure-apps/troubleshoot.md | 2 +- .../azure-iis-errors-reference.md | 2 +- .../host-and-deploy/directory-structure.md | 8 +- .../iis/development-time-iis-support.md | 2 +- aspnetcore/host-and-deploy/iis/modules.md | 14 +- aspnetcore/host-and-deploy/windows-service.md | 40 +- aspnetcore/includes/RP/model4.md | 2 +- aspnetcore/includes/RP/model4test.md | 2 +- aspnetcore/includes/RP/sql.md | 4 +- .../includes/net-core-prereqs-vscode.md | 2 +- aspnetcore/includes/net-core-prereqs.md | 2 +- aspnetcore/migration/http-modules.md | 42 +- aspnetcore/migration/proper-to-2x/index.md | 2 +- aspnetcore/mvc/razor-pages/index.md | 4 +- .../sample/README.md | 13 +- aspnetcore/mvc/views/razor.md | 6 +- aspnetcore/mvc/views/tag-helpers/authoring.md | 258 ++++---- .../tag-helpers/built-in/anchor-tag-helper.md | 2 +- .../tag-helpers/built-in/cache-tag-helper.md | 74 ++- aspnetcore/mvc/views/tag-helpers/intro.md | 2 +- aspnetcore/mvc/views/view-compilation.md | 12 +- .../performance/response-compression.md | 36 +- aspnetcore/security/app-secrets.md | 11 +- .../security/authentication/accconfirm.md | 32 +- .../authentication/azure-ad-b2c-webapi.md | 44 +- aspnetcore/security/authentication/cookie.md | 27 +- .../authentication/identity-configuration.md | 97 +-- .../identity-primary-key-configuration.md | 27 +- .../security/authentication/identity.md | 194 +++--- .../authentication/social/facebook-logins.md | 13 +- .../authentication/social/google-logins.md | 11 +- .../authentication/social/microsoft-logins.md | 11 +- .../authentication/social/twitter-logins.md | 11 +- .../security/authentication/windowsauth.md | 9 +- .../security/authentication/ws-federation.md | 2 +- .../sample/README.md | 11 +- .../security/authorization/resourcebased.md | 35 +- aspnetcore/security/cookie-sharing.md | 27 +- .../extensibility/core-crypto.md | 2 +- .../security/key-vault-configuration.md | 40 +- .../samples/basic-sample/1.x/README.md | 25 +- .../samples/basic-sample/2.x/README.md | 25 +- .../key-name-prefix-sample/1.x/README.md | 15 +- .../key-name-prefix-sample/2.x/README.md | 15 +- aspnetcore/signalr/get-started.md | 56 +- aspnetcore/spa/angular.md | 11 +- aspnetcore/spa/index.md | 2 +- .../first-mvc-app-mac/adding-controller.md | 10 +- .../first-mvc-app-mac/adding-model.md | 12 +- .../first-mvc-app-mac/adding-view.md | 10 +- .../controller-methods-views.md | 8 +- .../tutorials/first-mvc-app-mac/index.md | 2 +- .../tutorials/first-mvc-app-mac/new-field.md | 8 +- .../tutorials/first-mvc-app-mac/search.md | 12 +- .../tutorials/first-mvc-app-mac/start-mvc.md | 8 +- .../tutorials/first-mvc-app-mac/validation.md | 8 +- .../first-mvc-app-mac/working-with-sql.md | 8 +- .../first-mvc-app-xplat/adding-controller.md | 12 +- .../first-mvc-app-xplat/adding-model.md | 12 +- .../first-mvc-app-xplat/adding-view.md | 10 +- .../controller-methods-views.md | 8 +- .../tutorials/first-mvc-app-xplat/index.md | 2 +- .../first-mvc-app-xplat/new-field.md | 8 +- .../tutorials/first-mvc-app-xplat/search.md | 12 +- .../first-mvc-app-xplat/start-mvc.md | 8 +- .../first-mvc-app-xplat/validation.md | 8 +- .../first-mvc-app-xplat/working-with-sql.md | 8 +- .../first-mvc-app/adding-controller.md | 10 +- .../tutorials/first-mvc-app/adding-model.md | 22 +- .../tutorials/first-mvc-app/adding-view.md | 10 +- .../first-mvc-app/controller-methods-views.md | 8 +- aspnetcore/tutorials/first-mvc-app/details.md | 4 +- aspnetcore/tutorials/first-mvc-app/index.md | 2 +- .../tutorials/first-mvc-app/new-field.md | 6 +- aspnetcore/tutorials/first-mvc-app/search.md | 12 +- .../tutorials/first-mvc-app/start-mvc.md | 17 +- .../tutorials/first-mvc-app/validation.md | 8 +- .../first-mvc-app/working-with-sql.md | 21 +- aspnetcore/tutorials/first-web-api-mac.md | 8 +- aspnetcore/tutorials/first-web-api.md | 12 +- .../tutorials/getting-started-with-NSwag.md | 12 +- .../getting-started-with-swashbuckle.md | 14 +- .../publish-to-azure-webapp-using-cli.md | 4 +- .../publish-to-azure-webapp-using-vs.md | 2 +- aspnetcore/tutorials/razor-pages-mac/da1.md | 10 +- aspnetcore/tutorials/razor-pages-mac/model.md | 22 +- aspnetcore/tutorials/razor-pages-mac/page.md | 10 +- .../razor-pages-mac/razor-pages-start.md | 8 +- .../tutorials/razor-pages-mac/search.md | 8 +- aspnetcore/tutorials/razor-pages-mac/sql.md | 9 +- aspnetcore/tutorials/razor-pages-vsc/da1.md | 10 +- aspnetcore/tutorials/razor-pages-vsc/index.md | 10 +- aspnetcore/tutorials/razor-pages-vsc/model.md | 18 +- aspnetcore/tutorials/razor-pages-vsc/page.md | 10 +- .../razor-pages-vsc/razor-pages-start.md | 8 +- .../tutorials/razor-pages-vsc/search.md | 8 +- aspnetcore/tutorials/razor-pages-vsc/sql.md | 9 +- aspnetcore/tutorials/razor-pages/da1.md | 8 +- aspnetcore/tutorials/razor-pages/model.md | 16 +- aspnetcore/tutorials/razor-pages/new-field.md | 6 +- aspnetcore/tutorials/razor-pages/page.md | 10 +- .../razor-pages/razor-pages-start.md | 10 +- aspnetcore/tutorials/razor-pages/search.md | 6 +- aspnetcore/tutorials/razor-pages/sql.md | 10 +- .../tutorials/razor-pages/uploading-files.md | 4 +- .../tutorials/razor-pages/validation.md | 6 +- aspnetcore/tutorials/web-api-vsc.md | 13 +- .../action-return-types/samples/README.md | 12 +- aspnetcore/web-api/advanced/formatting.md | 8 +- 1273 files changed, 6324 insertions(+), 6360 deletions(-) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/automate-everything.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/automate-everything.md index 02d88ec1befa..f1b906419d60 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/automate-everything.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/automate-everything.md @@ -123,7 +123,7 @@ The first thing the script does is create the web app by calling the `New-AzureW ### Create the storage account -Then the main script runs the New-AzureStorage.ps1 script, specifying "<websitename>storage" for the storage account name, and the same data center location as the web app. +Then the main script runs the *New-AzureStorage.ps1* script, specifying "*<websitename>*storage" for the storage account name, and the same data center location as the web app. [!code-powershell[Main](automate-everything/samples/sample4.ps1?highlight=3)] @@ -259,6 +259,6 @@ In the [next chapter](source-control.md) we'll look at source code and explain w - [Using Windows PowerShell Scripts to Publish to Dev and Test Environments](https://msdn.microsoft.com/library/azure/dn642480.aspx). MSDN documentation that explains how to use publish scripts that Visual Studio automatically generates for web projects. - [PowerShell Tools for Visual Studio 2013](https://visualstudiogallery.msdn.microsoft.com/c9eb3ba8-0c59-4944-9a62-6eee37294597). Visual Studio extension that adds language support for Windows PowerShell in Visual Studio. -> [!div class="step-by-step"] -> [Previous](introduction.md) -> [Next](source-control.md) +>[!div class="step-by-step"] +[Previous](introduction.md) +[Next](source-control.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/continuous-integration-and-continuous-delivery.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/continuous-integration-and-continuous-delivery.md index c094669ed6cb..d82a625d5090 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/continuous-integration-and-continuous-delivery.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/continuous-integration-and-continuous-delivery.md @@ -71,6 +71,6 @@ See also the following resources: - [Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation](https://www.amazon.com/Continuous-Delivery-Deployment-Automation-Addison-Wesley/dp/0321601912/ref=sr_1_1?s=books&ie=UTF8&qid=1377126361). Book by Jez Humble. - [Release It! Design and Deploy Production-Ready Software](https://www.amazon.com/Release-It-Production-Ready-Pragmatic-Programmers/dp/0978739213). Book by Michael T. Nygard. -> [!div class="step-by-step"] -> [Previous](source-control.md) -> [Next](web-development-best-practices.md) +>[!div class="step-by-step"] +[Previous](source-control.md) +[Next](web-development-best-practices.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-partitioning-strategies.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-partitioning-strategies.md index 8ee89dfcb931..61d3b4fd2b34 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-partitioning-strategies.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-partitioning-strategies.md @@ -108,6 +108,6 @@ Sample code: - [Cloud Service Fundamentals in Windows Azure](https://code.msdn.microsoft.com/Cloud-Service-Fundamentals-4ca72649). Sample application that includes a sharded database. For a description of the sharding scheme implemented, see [DAL – Sharding of RDBMS](https://blogs.msdn.com/b/windowsazure/archive/2013/09/05/dal-sharding-of-rdbms.aspx) on the Windows Azure blog. -> [!div class="step-by-step"] -> [Previous](data-storage-options.md) -> [Next](unstructured-blob-storage.md) +>[!div class="step-by-step"] +[Previous](data-storage-options.md) +[Next](unstructured-blob-storage.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-storage-options.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-storage-options.md index 96729741455d..dee8a361f2f7 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-storage-options.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/data-storage-options.md @@ -296,6 +296,6 @@ HDInsight (Hadoop on Azure): - [Hadoop and HDInsight: Big Data in Azure](https://msdn.microsoft.com/magazine/dn385705.aspx). MSDN Magazine article by Bruno Terkaly and Ricardo Villalobos, introducing Hadoop on Azure. - [Microsoft Patterns and Practices - Azure Guidance](https://msdn.microsoft.com/library/dn568099.aspx). See MapReduce pattern. -> [!div class="step-by-step"] -> [Previous](single-sign-on.md) -> [Next](data-partitioning-strategies.md) +>[!div class="step-by-step"] +[Previous](single-sign-on.md) +[Next](data-partitioning-strategies.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/design-to-survive-failures.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/design-to-survive-failures.md index 83f34b7701fe..b776e4e0a40c 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/design-to-survive-failures.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/design-to-survive-failures.md @@ -126,6 +126,6 @@ Videos: - [FailSafe: Building Scalable, Resilient Cloud Services](https://channel9.msdn.com/Series/FailSafe). Nine-part series by Ulrich Homann, Marc Mercuri, and Mark Simms. Presents high-level concepts and architectural principles in a very accessible and interesting way, with stories drawn from Microsoft Customer Advisory Team (CAT) experience with actual customers. Episodes 1 and 8 go in depth into the reasons for designing cloud apps to survive failures. See also the follow-up discussion of throttling in episode 2 starting at 49:57, the discussion of failure points and failure modes in episode 2 starting at 56:05, and the discussion of circuit breakers in episode 3 starting at 40:55. - [Building Big: Lessons learned from Azure customers - Part II](https://channel9.msdn.com/Events/Build/2012/3-030). Mark Simms talks about designing for failure and instrumenting everything. Similar to the Failsafe series but goes into more how-to details. -> [!div class="step-by-step"] -> [Previous](unstructured-blob-storage.md) -> [Next](monitoring-and-telemetry.md) +>[!div class="step-by-step"] +[Previous](unstructured-blob-storage.md) +[Next](monitoring-and-telemetry.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/distributed-caching.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/distributed-caching.md index 9059e5880a57..3175aa3fbfa9 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/distributed-caching.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/distributed-caching.md @@ -106,6 +106,6 @@ Code sample - [Cloud Service Fundamentals in Azure](https://code.msdn.microsoft.com/Cloud-Service-Fundamentals-4ca72649). Sample application that implements distributed caching. See the accompanying blog post [Cloud Service Fundamentals – Caching Basics](https://blogs.msdn.com/b/windowsazure/archive/2013/10/03/cloud-service-fundamentals-caching-basics.aspx). -> [!div class="step-by-step"] -> [Previous](transient-fault-handling.md) -> [Next](queue-centric-work-pattern.md) +>[!div class="step-by-step"] +[Previous](transient-fault-handling.md) +[Next](queue-centric-work-pattern.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/introduction.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/introduction.md index 8be223f1f0c9..4b159d70ec27 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/introduction.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/introduction.md @@ -172,5 +172,5 @@ Videos: - [Web Sites Architecture - with Stefan Schackow](https://azure.microsoft.com/documentation/videos/why-azure-web-sites-plus-architecture/). - [Azure Web Sites Internals with Nir Mashkowski](https://channel9.msdn.com/Shows/Web+Camps+TV/Windows-Azure-Web-Sites-Internals-with-Nir-Mashkowski). -> [!div class="step-by-step"] -> [Next](automate-everything.md) +>[!div class="step-by-step"] +[Next](automate-everything.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/monitoring-and-telemetry.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/monitoring-and-telemetry.md index d18c21a82802..0ff886eda25b 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/monitoring-and-telemetry.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/monitoring-and-telemetry.md @@ -287,6 +287,6 @@ Code sample: - [Cloud Service Fundamentals in Azure](https://code.msdn.microsoft.com/Cloud-Service-Fundamentals-4ca72649). Sample application created by the Microsoft Azure Customer Advisory Team. Demonstrates both telemetry and logging practices, as explained in the following articles. The sample implements application logging by using [NLog](http://nlog-project.org/). For related documentation, see the [series of four TechNet wiki articles about telemetry and logging](https://social.technet.microsoft.com/wiki/contents/articles/17987.cloud-service-fundamentals.aspx#Telemetry_coming_soon). -> [!div class="step-by-step"] -> [Previous](design-to-survive-failures.md) -> [Next](transient-fault-handling.md) +>[!div class="step-by-step"] +[Previous](design-to-survive-failures.md) +[Next](transient-fault-handling.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/more-patterns-and-guidance.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/more-patterns-and-guidance.md index 4b3e5a4e94df..a0c2dc594159 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/more-patterns-and-guidance.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/more-patterns-and-guidance.md @@ -127,6 +127,6 @@ Other members of the DGAC reviewed and commented on the preliminary outline: - Roger Whitehead - Pawel Wilkosz -> [!div class="step-by-step"] -> [Previous](queue-centric-work-pattern.md) -> [Next](the-fix-it-sample-application.md) +>[!div class="step-by-step"] +[Previous](queue-centric-work-pattern.md) +[Next](the-fix-it-sample-application.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/queue-centric-work-pattern.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/queue-centric-work-pattern.md index 19397cff68ad..11a889b94be6 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/queue-centric-work-pattern.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/queue-centric-work-pattern.md @@ -189,6 +189,6 @@ Video: - [FailSafe: Building Scalable, Resilient Cloud Services](https://channel9.msdn.com/Series/FailSafe). Nine-part video series by Ulrich Homann, Marc Mercuri, and Mark Simms. Presents high-level concepts and architectural principles in a very accessible and interesting way, with stories drawn from Microsoft Customer Advisory Team (CAT) experience with actual customers. For an introduction to the Azure Storage service and queues, see episode 5 starting at 35:13. -> [!div class="step-by-step"] -> [Previous](distributed-caching.md) -> [Next](more-patterns-and-guidance.md) +>[!div class="step-by-step"] +[Previous](distributed-caching.md) +[Next](more-patterns-and-guidance.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/single-sign-on.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/single-sign-on.md index 35bd7bd5c88c..5f069804314f 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/single-sign-on.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/single-sign-on.md @@ -188,6 +188,6 @@ For more information, see the following resources: - [Azure Active Directory Graph API blog](https://blogs.msdn.com/b/aadgraphteam/). - [Access Control in BYOD and Directory Integration in a Hybrid Identity Infrastructure](https://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/PCIT-B213#fbid=). Tech Ed 2014 session video by Gayana Bagdasaryan. -> [!div class="step-by-step"] -> [Previous](web-development-best-practices.md) -> [Next](data-storage-options.md) +>[!div class="step-by-step"] +[Previous](web-development-best-practices.md) +[Next](data-storage-options.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/source-control.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/source-control.md index 47874dc3f297..c7f37c4cc60c 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/source-control.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/source-control.md @@ -216,6 +216,6 @@ For more information about how to handle sensitive information that should not b For information about other methods for keeping sensitive information out of source control, see [ASP.NET MVC: Keep Private Settings Out of Source Control](http://typecastexception.com/post/2014/04/06/ASPNET-MVC-Keep-Private-Settings-Out-of-Source-Control.aspx). -> [!div class="step-by-step"] -> [Previous](automate-everything.md) -> [Next](continuous-integration-and-continuous-delivery.md) +>[!div class="step-by-step"] +[Previous](automate-everything.md) +[Next](continuous-integration-and-continuous-delivery.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/the-fix-it-sample-application.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/the-fix-it-sample-application.md index 00dd95ec5a9c..ab2dde8dafeb 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/the-fix-it-sample-application.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/the-fix-it-sample-application.md @@ -240,18 +240,18 @@ There are two ways to run the Fix It app: Using Visual Studio 2013: - 1. Press F5 to run the FixIt project. - 2. In **Solution Explorer**, right-click the MyFixItCloudService project, and then click **Debug** -- **Start New Instance**. + 1. Press F5 to run the FixIt project. + 2. In **Solution Explorer**, right-click the MyFixItCloudService project, and then click **Debug** -- **Start New Instance**. - Using Visual Studio 2013 Express for Web: + Using Visual Studio 2013 Express for Web: - 3. In Solution Explorer, right-click the FixIt solution and select **Properties**. - 4. Select **Multiple Startup Projects**.. - 5. In the **Action** dropdown list under MyFixIt and MyFixItCloudService, select **Start**. - 6. Click **OK**. - 7. Press F5 to run both projects. + 1. In Solution Explorer, right-click the FixIt solution and select **Properties**. + 2. Select **Multiple Startup Projects**.. + 3. In the **Action** dropdown list under MyFixIt and MyFixItCloudService, select **Start**. + 4. Click **OK**. + 5. Press F5 to run both projects. - When you run the MyFixItCloudService project, Visual Studio starts the Azure compute emulator. Depending on your firewall configuration, you might need to allow the emulator through the firewall. + When you run the MyFixItCloudService project, Visual Studio starts the Azure compute emulator. Depending on your firewall configuration, you might need to allow the emulator through the firewall. ## How to deploy the base app to Azure App Service Web Apps by using the Windows PowerShell scripts @@ -280,7 +280,7 @@ These instructions assume you have already downloaded and run the Fix It solutio These credentials expire after a period of time and you have to re-run the `Add-AzureAccount` cmdlet. As this e-book is being written, the time limit before credentials expire is 12 hours. 5. If you have multiple subscriptions, use the Select-AzureSubscription cmdlet to specify the subscription you want to create the test environment in. 6. Import a management certificate for the same Azure subscription by using the `Get-AzurePublishSettingsFile` and `Import-AzurePublishSettingsFile` cmdlets. The first of these cmdlets downloads a certificate file, and in the second one you specify the location of that file in order to import it. > [!IMPORTANT] - > Keep the downloaded file in a safe location or delete it when you're done with it, because it contains a certificate that can be used to manage your Azure services. + > Keep the downloaded file in a safe location or delete it when you're done with it, because it contains a certificate that can be used to manage your Azure services. [!code-console[Main](the-fix-it-sample-application/samples/sample22.cmd)] @@ -394,5 +394,5 @@ In MyFixItCloudService\ServiceConfiguration.Cloud.cscfg, replace the same two pl Now you are ready to deploy the cloud service. In Solution Explore, right-click the MyFixItCloudService project and select **Publish**. For more information, see "[Deploy the Application to Azure](https://www.windowsazure.com/develop/net/tutorials/multi-tier-web-site/2-download-and-run/#deployAz)", which is in part 2 of [this tutorial](https://code.msdn.microsoft.com/Windows-Azure-Multi-Tier-eadceb36). -> [!div class="step-by-step"] -> [Previous](more-patterns-and-guidance.md) +>[!div class="step-by-step"] +[Previous](more-patterns-and-guidance.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/transient-fault-handling.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/transient-fault-handling.md index 484f3bafb133..9a22d7327dc4 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/transient-fault-handling.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/transient-fault-handling.md @@ -99,6 +99,6 @@ Code sample - [Cloud Service Fundamentals in Azure](https://code.msdn.microsoft.com/Cloud-Service-Fundamentals-4ca72649). Sample application created by the Microsoft Azure Customer Advisory Team that demonstrates how to use the [Enterprise Library Transient Fault Handling Block](http://nuget.org/packages/EnterpriseLibrary.TransientFaultHandling/) (TFH). For more information, see [Cloud Service Fundamentals Data Access Layer – Transient Fault Handling](https://social.technet.microsoft.com/wiki/contents/articles/18665.cloud-service-fundamentals-data-access-layer-transient-fault-handling.aspx). TFH is recommended for database access using ADO.NET directly (without using Entity Framework). -> [!div class="step-by-step"] -> [Previous](monitoring-and-telemetry.md) -> [Next](distributed-caching.md) +>[!div class="step-by-step"] +[Previous](monitoring-and-telemetry.md) +[Next](distributed-caching.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/unstructured-blob-storage.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/unstructured-blob-storage.md index 950fd966caf8..7feac87f1697 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/unstructured-blob-storage.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/unstructured-blob-storage.md @@ -143,6 +143,6 @@ For more information see the following resources: - [FailSafe: Building Scalable, Resilient Cloud Services](https://channel9.msdn.com/Series/FailSafe). Nine-part video series by Ulrich Homann, Marc Mercuri, and Mark Simms. Presents high-level concepts and architectural principles in a very accessible and interesting way, with stories drawn from Microsoft Customer Advisory Team (CAT) experience with actual customers. For a discussion of Azure Storage service and blobs, see episode 5 starting at 35:13. - [Microsoft Patterns and Practices - Azure Guidance](https://msdn.microsoft.com/library/dn568099.aspx). See Valet Key pattern. -> [!div class="step-by-step"] -> [Previous](data-partitioning-strategies.md) -> [Next](design-to-survive-failures.md) +>[!div class="step-by-step"] +[Previous](data-partitioning-strategies.md) +[Next](design-to-survive-failures.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/web-development-best-practices.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/web-development-best-practices.md index 2101fe499a63..828fe8363079 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/web-development-best-practices.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/web-development-best-practices.md @@ -160,6 +160,6 @@ For additional web development best practices, see the following resources: - [The Fix It Sample Application - Best Practices](the-fix-it-sample-application.md#bestpractices). The appendix to this e-book lists a number of best practices that were implemented in the Fix It application. - [Web Developer Checklist](http://webdevchecklist.com/asp.net) -> [!div class="step-by-step"] -> [Previous](continuous-integration-and-continuous-delivery.md) -> [Next](single-sign-on.md) +>[!div class="step-by-step"] +[Previous](continuous-integration-and-continuous-delivery.md) +[Next](single-sign-on.md) diff --git a/aspnet/aspnet/overview/developing-apps-with-windows-azure/maintainable-azure-websites-managing-change-and-scale.md b/aspnet/aspnet/overview/developing-apps-with-windows-azure/maintainable-azure-websites-managing-change-and-scale.md index 00e734c25eb6..d321819c626d 100644 --- a/aspnet/aspnet/overview/developing-apps-with-windows-azure/maintainable-azure-websites-managing-change-and-scale.md +++ b/aspnet/aspnet/overview/developing-apps-with-windows-azure/maintainable-azure-websites-managing-change-and-scale.md @@ -276,13 +276,13 @@ In this task, you will create a web app in **Azure App Service** from the manage *Customizing the new web app* 5. Specify the following information for the database settings: - - In the **Name** text box, enter a database name (e.g. *geekquiz\_db*) - - In the Server **drop-down** list, select **New SQL database server**. Alternatively, you can select an existing server. - - In the **Database username** and **Database password** boxes, enter the administrator username and password for the SQL database server. If you select a server you have already created, you will be prompted for the password. + - In the **Name** text box, enter a database name (e.g. *geekquiz\_db*) + - In the Server **drop-down** list, select **New SQL database server**. Alternatively, you can select an existing server. + - In the **Database username** and **Database password** boxes, enter the administrator username and password for the SQL database server. If you select a server you have already created, you will be prompted for the password. - ![Specifying the database settings](maintainable-azure-websites-managing-change-and-scale/_static/image17.png) + ![Specifying the database settings](maintainable-azure-websites-managing-change-and-scale/_static/image17.png) - *Specifying the database settings* + *Specifying the database settings* 6. Click **Next** to continue. 7. Select **Local Git repository** for the source control to use and click **Next**. @@ -792,13 +792,13 @@ Now that **Autoscale** has been configured, you will create a **Web Performance *Adding a loop to WebTest1* 6. In the **Add Conditional Rule and Items to Loop** dialog box, select the **For Loop** rule and modify the following properties. - 1. **Terminating value:** 1000 - 2. **Context Parameter Name:** Iterator - 3. **Increment Value:** 1 + 1. **Terminating value:** 1000 + 2. **Context Parameter Name:** Iterator + 3. **Increment Value:** 1 - ![Selecting the For Loop rule and updating the properties](maintainable-azure-websites-managing-change-and-scale/_static/image84.png "Selecting the For Loop rule and updating the properties") + ![Selecting the For Loop rule and updating the properties](maintainable-azure-websites-managing-change-and-scale/_static/image84.png "Selecting the For Loop rule and updating the properties") - *Selecting the For Loop rule and updating the properties* + *Selecting the For Loop rule and updating the properties* 7. Under the **Items in loop** section, select the request you created previously to be the first and last item for the loop. Click **OK** to continue. ![Selecting the first and last items for the loop](maintainable-azure-websites-managing-change-and-scale/_static/image85.png "Selecting the first and last items for the loop") diff --git a/aspnet/aspnet/overview/owin-and-katana/an-overview-of-project-katana.md b/aspnet/aspnet/overview/owin-and-katana/an-overview-of-project-katana.md index 6bc82ca79cf0..96945440c638 100644 --- a/aspnet/aspnet/overview/owin-and-katana/an-overview-of-project-katana.md +++ b/aspnet/aspnet/overview/owin-and-katana/an-overview-of-project-katana.md @@ -139,7 +139,7 @@ From the command line, we can then navigate to the project root folder and simpl - Managing the underlying process. - Orchestrating the workflow that results in the selection of a server and the construction of an OWIN pipeline through which requests will be handled. - At present, there are 3 primary hosting options for Katana-based applications: + At present, there are 3 primary hosting options for Katana-based applications: **IIS/ASP.NET**: Using the standard HttpModule and HttpHandler types, OWIN pipelines can run on IIS as a part of an ASP.NET request flow. ASP.NET hosting support is enabled by installing the Microsoft.AspNet.Host.SystemWeb NuGet package into a Web application project. Additionally, because IIS acts as both a host and a server, the OWIN server/host distinction is conflated in this NuGet package, meaning that if using the SystemWeb host, a developer cannot substitute an alternate server implementation. diff --git a/aspnet/aspnet/overview/owin-and-katana/host-owin-in-an-azure-worker-role.md b/aspnet/aspnet/overview/owin-and-katana/host-owin-in-an-azure-worker-role.md index f7b3fa3a0766..7e34a8af3971 100644 --- a/aspnet/aspnet/overview/owin-and-katana/host-owin-in-an-azure-worker-role.md +++ b/aspnet/aspnet/overview/owin-and-katana/host-owin-in-an-azure-worker-role.md @@ -114,7 +114,7 @@ The compute emulator assigns a local IP address to the endpoint. You can find th [![](host-owin-in-an-azure-worker-role/_static/image10.png)](host-owin-in-an-azure-worker-role/_static/image9.png) -Find the IP address under Service Deployments, deployment [id], Service Details. Open a web browser and navigate to http://address, where address is the IP address assigned by the compute emulator; for example, `http://127.0.0.1:80`. You should see the OWIN welcome page: +Find the IP address under Service Deployments, deployment [id], Service Details. Open a web browser and navigate to http://*address*, where *address* is the IP address assigned by the compute emulator; for example, `http://127.0.0.1:80`. You should see the OWIN welcome page: ![](host-owin-in-an-azure-worker-role/_static/image11.png) diff --git a/aspnet/aspnet/overview/owin-and-katana/owin-middleware-in-the-iis-integrated-pipeline.md b/aspnet/aspnet/overview/owin-and-katana/owin-middleware-in-the-iis-integrated-pipeline.md index 9105747b6d91..20c026a95831 100644 --- a/aspnet/aspnet/overview/owin-and-katana/owin-middleware-in-the-iis-integrated-pipeline.md +++ b/aspnet/aspnet/overview/owin-and-katana/owin-middleware-in-the-iis-integrated-pipeline.md @@ -78,13 +78,13 @@ Owin middleware components (OMC) can be configured to run at the following OWIN [!code-console[Main](owin-middleware-in-the-iis-integrated-pipeline/samples/sample9.cmd)] - calls to `app.UseStageMarker` passing `Authenticate` or `PostAuthenticate` will not be honored, and no exception will be thrown. OMCs run at the latest stage, which by default is `PreHandlerExecute`. The stage markers are used to make them to run earlier. If you specify stage markers out of order, we round to the earlier marker. In other words, adding a stage marker says "Run no later than stage X". OMC's run at the earliest stage marker added after them in the OWIN pipeline. + calls to `app.UseStageMarker` passing `Authenticate` or `PostAuthenticate` will not be honored, and no exception will be thrown. OMCs run at the latest stage, which by default is `PreHandlerExecute`. The stage markers are used to make them to run earlier. If you specify stage markers out of order, we round to the earlier marker. In other words, adding a stage marker says "Run no later than stage X". OMC's run at the earliest stage marker added after them in the OWIN pipeline. 4. The earliest stage of calls to `app.UseStageMarker` wins. For example, if you switch the order of `app.UseStageMarker` calls from our previous example: [!code-csharp[Main](owin-middleware-in-the-iis-integrated-pipeline/samples/sample10.cs?highlight=13,19)] - The output window will display: + The output window will display: [!code-console[Main](owin-middleware-in-the-iis-integrated-pipeline/samples/sample11.cmd)] - The OMCs all run in the `AuthenticateRequest` stage, because the last OMC registered with the `Authenticate` event, and the `Authenticate` event precedes all other events. + The OMCs all run in the `AuthenticateRequest` stage, because the last OMC registered with the `Authenticate` event, and the `Authenticate` event precedes all other events. diff --git a/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server.md b/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server.md index 169271fa67c7..3d2845e0773c 100644 --- a/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server.md +++ b/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server.md @@ -1,311 +1,311 @@ ---- -uid: aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server -title: "OWIN OAuth 2.0 Authorization Server | Microsoft Docs" -author: hongyes -description: "This tutorial will guide you on how to implement an OAuth 2.0 Authorization Server using OWIN OAuth middleware. This is an advanced tutorial that only outlin..." -ms.author: aspnetcontent -manager: wpickett -ms.date: 03/20/2014 -ms.topic: article -ms.assetid: 20acee16-c70c-41e9-b38f-92bfcf9a4c1c -ms.technology: -ms.prod: .net-framework -msc.legacyurl: /aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server -msc.type: authoredcontent ---- -OWIN OAuth 2.0 Authorization Server -==================== -by [Hongye Sun](https://github.com/hongyes), [Praburaj Thiagarajan](https://github.com/Praburaj), [Rick Anderson](https://github.com/Rick-Anderson) - -> This tutorial will guide you on how to implement an OAuth 2.0 Authorization Server using OWIN OAuth middleware. This is an advanced tutorial that only outlines the steps to create an OWIN OAuth 2.0 Authorization Server. This is not a step by step tutorial. [Download the sample code](https://code.msdn.microsoft.com/OWIN-OAuth-20-Authorization-ba2b8783/file/114932/1/AuthorizationServer.zip). -> -> > [!NOTE] -> > This outline should not be intended to be used for creating a secure production app. This tutorial is intended to provide only an outline on how to implement an OAuth 2.0 Authorization Server using OWIN OAuth middleware. -> -> -> ## Software versions -> -> | **Shown in the tutorial** | **Also works with** | -> | --- | --- | -> | Windows 8.1 | Windows 8, Windows 7 | -> | [Visual Studio 2013](https://www.microsoft.com/visualstudio/eng/2013-downloads) | [Visual Studio 2013 Express for Desktop](https://www.microsoft.com/visualstudio/eng/2013-downloads#d-2013-express). Visual Studio 2012 with the latest update should work, but the tutorial has not been tested with it, and some menu selections and dialog boxes are different. | -> | .NET 4.5 | | -> -> ## Questions and Comments -> -> If you have questions that are not directly related to the tutorial, you can post them at [Katana Project on GitHub](https://github.com/aspnet/AspNetKatana/). For questions and comments regarding the tutorial itself, see the comments section at the bottom of the page. - - -The [OAuth 2.0 framework](http://tools.ietf.org/html/rfc6749) enables a third-party app to obtain limited access to an HTTP service. Instead of using the resource owner's credentials to access a protected resource, the client obtains an access token (which is a string denoting a specific scope, lifetime, and other access attributes). Access tokens are issued to third-party clients by an authorization server with the approval of the resource owner. - -This tutorial will cover: - -- How to create an authorization server to support four authorization grant types and refresh tokens: - - Authorization code grant - - Implicit Grant - - Resource Owner Password Credentials Grant - - Client Credentials Grant -- Creating a resource server which is protected by an access token. -- Creating OAuth 2.0 clients. - - -## Prerequisites - -- [Visual Studio 2013](https://www.microsoft.com/visualstudio/eng/downloads#d-2013-editions) or the free [Visual Studio Express 2013](https://www.microsoft.com/visualstudio/eng/downloads#d-2013-express), as indicated in **Software Versions** at the top of the page. -- Familiarity with OWIN. See [Getting Started with the Katana Project](https://msdn.microsoft.com/magazine/dn451439.aspx) and [What's new in OWIN and Katana](index.md). -- Familiarity with [OAuth](http://tools.ietf.org/html/rfc6749) terminology, including [Roles](http://tools.ietf.org/html/rfc6749#section-1.1), [Protocol Flow](http://tools.ietf.org/html/rfc6749#section-1.2), and [Authorization Grant](http://tools.ietf.org/html/rfc6749#section-1.3). [OAuth 2.0 introduction](http://tools.ietf.org/html/rfc6749#section-1) provides a good introduction. - -## Create an Authorization Server - -In this tutorial, we will roughly sketch out how to use [OWIN](https://msdn.microsoft.com/magazine/dn451439.aspx) and ASP.NET MVC to create an authorization server. We hope to soon provide a download for the completed sample, as this tutorial does not include each step. First, create an empty web app named *AuthorizationServer* and install the following packages: - -- Microsoft.AspNet.Mvc -- Microsoft.Owin.Host.SystemWeb -- Microsoft.Owin.Security.OAuth -- Microsoft.Owin.Security.Cookies -- Microsoft.Owin.Security.Google (Or any other social login package such as Microsoft.Owin.Security.Facebook) - -Add an [OWIN Startup class](owin-startup-class-detection.md) under the project root folder named *Startup*. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample1.cs?highlight=8)] - -Create an *App\_Start* folder. Select the *App\_Start* folder and use Shift+Alt+A to add the downloaded version of the *AuthorizationServer\App\_Start\Startup.Auth.cs* file. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample2.cs)] - -The code above enables application/external sign in cookies and Google authentication, which are used by authorization server itself to manage accounts. - -The `UseOAuthAuthorizationServer` extension method is to setup the authorization server. The setup options are: - -- `AuthorizeEndpointPath`: The request path where client applications will redirect the user-agent in order to obtain the users consent to issue a token or code. It must begin with a leading slash, for example, "`/Authorize`". -- `TokenEndpointPath`: The request path client applications directly communicate to obtain the access token. It must begin with a leading slash, like "/Token". If the client is issued a [client\_secret](http://tools.ietf.org/html/rfc6749#appendix-A.2), it must be provided to this endpoint. -- `ApplicationCanDisplayErrors`: Set to `true` if the web application wants to generate a custom error page for the client validation errors on `/Authorize` endpoint. This is only needed for cases where the browser is not redirected back to the client application, for example, when the `client_id` or `redirect_uri` are incorrect. The `/Authorize` endpoint should expect to see the "oauth.Error", "oauth.ErrorDescription", and "oauth.ErrorUri" properties are added to the OWIN environment. - - > [!NOTE] - > If not true, the authorization server will return a default error page with the error details. -- `AllowInsecureHttp`: True to allow authorize and token requests to arrive on HTTP URI addresses, and to allow incoming `redirect_uri` authorize request parameters to have HTTP URI addresses. - - > [!WARNING] - > Security - This is for development only. -- `Provider`: The object provided by the application to process events raised by the Authorization Server middleware. The application may implement the interface fully, or it may create an instance of `OAuthAuthorizationServerProvider` and assign delegates necessary for the OAuth flows this server supports. -- `AuthorizationCodeProvider`: Produces a single-use authorization code to return to the client application. For the OAuth server to be secure the application **MUST** provide an instance for `AuthorizationCodeProvider` where the token produced by the `OnCreate/OnCreateAsync` event is considered valid for only one call to `OnReceive/OnReceiveAsync`. -- `RefreshTokenProvider`: Produces a refresh token which may be used to produce a new access token when needed. If not provided the authorization server will not return refresh tokens from the `/Token` endpoint. - -## Account Management - -OAuth doesn't care where or how you manage your user account information. It's [ASP.NET Identity](../../../identity/index.md) which is responsible for it. In this tutorial, we will simplify the account management code and just make sure that user can login using OWIN cookie middleware. Here is the simplified sample code for the `AccountController`: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample3.cs)] - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample4.cs?highlight=1)] - -`ValidateClientRedirectUri` is used to validate the client with its registered redirect URL. `ValidateClientAuthentication` checks the basic scheme header and form body to get the client's credentials. - -The login page is shown below: - -![](owin-oauth-20-authorization-server/_static/image1.png) - -Review the IETF's OAuth 2 [Authorization Code Grant](http://tools.ietf.org/html/rfc6749#section-4.1) section now. - -**Provider** (in the table below) is [OAuthAuthorizationServerOptions](https://msdn.microsoft.com/library/microsoft.owin.security.oauth.oauthauthorizationserveroptions(v=vs.111).aspx).Provider, which is of type `OAuthAuthorizationServerProvider`, which contains all OAuth server events. - -| Flow steps from Authorization Code Grant section | Sample download performs these steps with: | -| --- | --- | -| | | -| (A) The client initiates the flow by directing the resource owner's user-agent to the authorization endpoint. The client includes its client identifier, requested scope, local state, and a redirection URI to which the authorization server will send the user-agent back once access is granted (or denied). | Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint | -| | | -| (B) The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request. | **<If user grants access>** Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint AuthorizationCodeProvider.CreateAsync | -| | | -| (C) Assuming the resource owner grants access, the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration). ... | | -| | | -| (D) The client requests an access token from the authorization server's token endpoint by including the authorization code received in the previous step. When making the request, the client authenticates with the authorization server. The client includes the redirection URI used to obtain the authorization code for verification. | Provider.MatchEndpoint Provider.ValidateClientAuthentication AuthorizationCodeProvider.ReceiveAsync Provider.ValidateTokenRequest Provider.GrantAuthorizationCode Provider.TokenEndpoint AccessTokenProvider.CreateAsync RefreshTokenProvider.CreateAsync | - -A sample implementation for `AuthorizationCodeProvider.CreateAsync` and `ReceiveAsync` to control the creation and validation of authorization code is shown below. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample5.cs)] - -The code above uses an in-memory concurrent dictionary to store the code and identity ticket and restore the identity after receiving the code. In a real application, it would be replaced by a persistent data store. The authorization endpoint is for the resource owner to grant access to the client. Usually, it needs a user interface to allow the user to click a button and confirm the grant. OWIN OAuth middleware allows application code to handle the authorization endpoint. In our sample app, we use an MVC controller called `OAuthController` to handle it. Here is the sample implementation: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample6.cs?highlight=15)] - -The `Authorize` action will first check if the user has logged in to the authorization server. If not, the authentication middleware challenges the caller to authenticate using the "Application" cookie and redirects to the login page. (See highlighted code above.) If user has logged in, it will render the Authorize view, as shown below: - -![](owin-oauth-20-authorization-server/_static/image2.png) - -If the **Grant** button is selected, the `Authorize` action will create a new "Bearer" identity and sign in with it. It will trigger the authorization server to generate a bearer token and send it back to the client with JSON payload. - -### Implicit Grant - -Refer to the IETF's OAuth 2 [Implicit Grant](http://tools.ietf.org/html/rfc6749#section-4.2) section now. - - The [Implicit Grant](http://tools.ietf.org/html/rfc6749#section-4.2) flow shown in Figure 4 is the flow and mapping which the OWIN OAuth middleware follows. - -| Flow steps from Implicit Grant section | Sample download performs these steps with: | -| --- | --- | -| | | -| (A) The client initiates the flow by directing the resource owner's user-agent to the authorization endpoint. The client includes its client identifier, requested scope, local state, and a redirection URI to which the authorization server will send the user-agent back once access is granted (or denied). | Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint | -| | | -| (B) The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request. | **<If user grants access>** Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint AuthorizationCodeProvider.CreateAsync | -| | | -| (C) Assuming the resource owner grants access, the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration). ... | | -| | | -| (D) The client requests an access token from the authorization server's token endpoint by including the authorization code received in the previous step. When making the request, the client authenticates with the authorization server. The client includes the redirection URI used to obtain the authorization code for verification. | | - -Since we already implemented the authorization endpoint (`OAuthController.Authorize` action) for authorization code grant, it automatically enables implicit flow as well. Note: `Provider.ValidateClientRedirectUri` is used to validate the client ID with its redirection URL, which protects the implicit grant flow from sending the access token to malicious clients ([Man-in-the-middle attack](https://www.owasp.org/index.php/Man-in-the-middle_attack)). - -### Resource Owner Password Credentials Grant - -Refer to the IETF's OAuth 2 [Resource Owner Password Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.3) section now. - - The [Resource Owner Password Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.3) flow shown in Figure 5 is the flow and mapping which the OWIN OAuth middleware follows. - -| Flow steps from Resource Owner Password Credentials Grant section | Sample download performs these steps with: | -| --- | --- | -| | | -| (A) The resource owner provides the client with its username and password. | | -| | | -| (B) The client requests an access token from the authorization server's token endpoint by including the credentials received from the resource owner. When making the request, the client authenticates with the authorization server. | Provider.MatchEndpoint Provider.ValidateClientAuthentication Provider.ValidateTokenRequest Provider.GrantResourceOwnerCredentials Provider.TokenEndpoint AccessToken Provider.CreateAsync RefreshTokenProvider.CreateAsync | -| | | -| (C) The authorization server authenticates the client and validates the resource owner credentials, and if valid, issues an access token. | | - -Here is the sample implementation for `Provider.GrantResourceOwnerCredentials`: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample7.cs)] - -> [!NOTE] -> The code above is intended to explain this section of the tutorial and should not be used in secure or production apps. It does not check the resource owners credentials. It assumes every credential is valid and creates a new identity for it. The new identity will be used to generate the access token and refresh token. Please replace the code with your own secure account management code. - - -### Client Credentials Grant - -Refer to the IETF's OAuth 2 [Client Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.4) section now. - - The [Client Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.4) flow shown in Figure 6 is the flow and mapping which the OWIN OAuth middleware follows. - -| Flow steps from Client Credentials Grant section | Sample download performs these steps with: | -| --- | --- | -| | | -| (A) The client authenticates with the authorization server and requests an access token from the token endpoint. | Provider.MatchEndpoint Provider.ValidateClientAuthentication Provider.ValidateTokenRequest Provider.GrantClientCredentials Provider.TokenEndpoint AccessTokenProvider.CreateAsync RefreshTokenProvider.CreateAsync | -| | | -| (B) The authorization server authenticates the client, and if valid, issues an access token. | | - -Here is the sample implementation for `Provider.GrantClientCredentials`: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample8.cs)] - -> [!NOTE] -> The code above is intended to explain this section of the tutorial and should not be used in secure or production apps. Please replace the code with your own secure client management code. - - -### Refresh Token - -Refer to the IETF's OAuth 2 [Refresh Token](http://tools.ietf.org/html/rfc6749#section-1.5) section now. - - The [Refresh Token](http://tools.ietf.org/html/rfc6749#section-1.5) flow shown in Figure 2 is the flow and mapping which the OWIN OAuth middleware follows. - -| Flow steps from Client Credentials Grant section | Sample download performs these steps with: | -| --- | --- | -| | | -| (G) The client requests a new access token by authenticating with the authorization server and presenting the refresh token. The client authentication requirements are based on the client type and on the authorization server policies. | Provider.MatchEndpoint Provider.ValidateClientAuthentication RefreshTokenProvider.ReceiveAsync Provider.ValidateTokenRequest Provider.GrantRefreshToken Provider.TokenEndpoint AccessTokenProvider.CreateAsync RefreshTokenProvider.CreateAsync | -| | | -| (H) The authorization server authenticates the client and validates the refresh token, and if valid, issues a new access token (and, optionally, a new refresh token). | | - -Here is the sample implementation for `Provider.GrantRefreshToken`: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample9.cs)] - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample10.cs)] - -## Create a Resource Server which is protected by Access Token - -Create an empty web app project and install following packages in the project: - -- Microsoft.AspNet.WebApi.Owin -- Microsoft.Owin.Host.SystemWeb -- Microsoft.Owin.Security.OAuth - -Create a startup class and configure authentication and Web API. See *AuthorizationServer\ResourceServer\Startup.cs* in the sample download. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample11.cs)] - -See *AuthorizationServer\ResourceServer\App\_Start\Startup.Auth.cs* in the sample download. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample12.cs)] - -See *AuthorizationServer\ResourceServer\App\_Start\Startup.WebApi.cs* in the sample download. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample13.cs)] - -- `UseCors` method allows CORS for all domains. -- `UseOAuthBearerAuthentication` method enables OAuth bearer token authentication middleware which will receive and validate bearer token from authorization header in the request. -- `Config.SuppressDefaultHostAuthenticaiton` suppresses default host authenticated principal from the app, therefore all requests will be anonymous after this call. -- `HostAuthenticationFilter` enables authentication just for the specified authentication type. In this case, it's bearer authentication type. - -In order to demonstrate the authenticated identity, we create an ApiController to output current user's claims. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample14.cs)] - -If the authorization server and the resource server are not on the same computer, the OAuth middleware will use the different machine keys to encrypt and decrypt bearer access token. In order to share the same private key between both projects, we add the same `machinekey` setting in both *web.config* files. - -[!code-xml[Main](owin-oauth-20-authorization-server/samples/sample15.xml?highlight=8-10)] - -## Create OAuth 2.0 Clients - - We use the [DotNetOpenAuth.OAuth2.Client](http://www.nuget.org/packages/DotNetOpenAuth.OAuth2.Client) NuGet package to simplify the client code. - -### Authorization Code Grant Client - - This client is an MVC application. It will trigger an authorization code grant flow to get the access token from backend. It has a single page as shown below: - -![](owin-oauth-20-authorization-server/_static/image3.png) - -- The **Authorize** button will redirect browser to the authorization server to notify the resource owner to grant access to this client. -- The **Refresh** button will get a new access token and refresh token using the current refresh token. -- The **Access Protected Resource API** button will call the resource server to get current user's claims data and show them on the page. - -Here is the sample code of the `HomeController` of the client. - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample16.cs)] - -`DotNetOpenAuth` requires SSL by default. Since our demo is using HTTP, you need to add following setting in the config file: - -[!code-xml[Main](owin-oauth-20-authorization-server/samples/sample17.xml?highlight=4-6)] - -> [!WARNING] -> Security - Never disable SSL in a production app. Your login credentials are now being sent in clear-text across the wire. The code above is just for local sample debugging and exploration. - - -### Implicit Grant Client - -This client is using JavaScript to: - -1. Open a new window and redirect to the authorize endpoint of the Authorization Server. -2. Get the access token from URL fragments when it redirects back. - -The following image shows this process: - -![](owin-oauth-20-authorization-server/_static/image4.png) - -The client should have two pages: one for home page and the other for callback.Here is the sample JavaScript code found in the *Index.cshtml* file: - -[!code-cshtml[Main](owin-oauth-20-authorization-server/samples/sample18.cshtml)] - -Here is the callback handling code in *SignIn.cshtml* file: - -[!code-cshtml[Main](owin-oauth-20-authorization-server/samples/sample19.cshtml)] - -> [!NOTE] -> A best practice is to move the JavaScript to an external file and not embed it with the Razor markup. To keep this sample simple, they have been combined. - - -### Resource Owner Password Credentials Grant Client - -We uses a console app to demo this client. Here is the code: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample20.cs)] - -### Client Credentials Grant Client - -Similar to the Resource Owner Password Credentials Grant, here is console app code: - -[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample21.cs)] +--- +uid: aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server +title: "OWIN OAuth 2.0 Authorization Server | Microsoft Docs" +author: hongyes +description: "This tutorial will guide you on how to implement an OAuth 2.0 Authorization Server using OWIN OAuth middleware. This is an advanced tutorial that only outlin..." +ms.author: aspnetcontent +manager: wpickett +ms.date: 03/20/2014 +ms.topic: article +ms.assetid: 20acee16-c70c-41e9-b38f-92bfcf9a4c1c +ms.technology: +ms.prod: .net-framework +msc.legacyurl: /aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server +msc.type: authoredcontent +--- +OWIN OAuth 2.0 Authorization Server +==================== +by [Hongye Sun](https://github.com/hongyes), [Praburaj Thiagarajan](https://github.com/Praburaj), [Rick Anderson](https://github.com/Rick-Anderson) + +> This tutorial will guide you on how to implement an OAuth 2.0 Authorization Server using OWIN OAuth middleware. This is an advanced tutorial that only outlines the steps to create an OWIN OAuth 2.0 Authorization Server. This is not a step by step tutorial. [Download the sample code](https://code.msdn.microsoft.com/OWIN-OAuth-20-Authorization-ba2b8783/file/114932/1/AuthorizationServer.zip). +> +> > [!NOTE] +> > This outline should not be intended to be used for creating a secure production app. This tutorial is intended to provide only an outline on how to implement an OAuth 2.0 Authorization Server using OWIN OAuth middleware. +> +> +> ## Software versions +> +> | **Shown in the tutorial** | **Also works with** | +> | --- | --- | +> | Windows 8.1 | Windows 8, Windows 7 | +> | [Visual Studio 2013](https://www.microsoft.com/visualstudio/eng/2013-downloads) | [Visual Studio 2013 Express for Desktop](https://www.microsoft.com/visualstudio/eng/2013-downloads#d-2013-express). Visual Studio 2012 with the latest update should work, but the tutorial has not been tested with it, and some menu selections and dialog boxes are different. | +> | .NET 4.5 | | +> +> ## Questions and Comments +> +> If you have questions that are not directly related to the tutorial, you can post them at [Katana Project on GitHub](https://github.com/aspnet/AspNetKatana/). For questions and comments regarding the tutorial itself, see the comments section at the bottom of the page. + + +The [OAuth 2.0 framework](http://tools.ietf.org/html/rfc6749) enables a third-party app to obtain limited access to an HTTP service. Instead of using the resource owner's credentials to access a protected resource, the client obtains an access token (which is a string denoting a specific scope, lifetime, and other access attributes). Access tokens are issued to third-party clients by an authorization server with the approval of the resource owner. + +This tutorial will cover: + +- How to create an authorization server to support four authorization grant types and refresh tokens: + - Authorization code grant + - Implicit Grant + - Resource Owner Password Credentials Grant + - Client Credentials Grant +- Creating a resource server which is protected by an access token. +- Creating OAuth 2.0 clients. + + +## Prerequisites + +- [Visual Studio 2013](https://www.microsoft.com/visualstudio/eng/downloads#d-2013-editions) or the free [Visual Studio Express 2013](https://www.microsoft.com/visualstudio/eng/downloads#d-2013-express), as indicated in **Software Versions** at the top of the page. +- Familiarity with OWIN. See [Getting Started with the Katana Project](https://msdn.microsoft.com/magazine/dn451439.aspx) and [What's new in OWIN and Katana](index.md). +- Familiarity with [OAuth](http://tools.ietf.org/html/rfc6749) terminology, including [Roles](http://tools.ietf.org/html/rfc6749#section-1.1), [Protocol Flow](http://tools.ietf.org/html/rfc6749#section-1.2), and [Authorization Grant](http://tools.ietf.org/html/rfc6749#section-1.3). [OAuth 2.0 introduction](http://tools.ietf.org/html/rfc6749#section-1) provides a good introduction. + +## Create an Authorization Server + +In this tutorial, we will roughly sketch out how to use [OWIN](https://msdn.microsoft.com/magazine/dn451439.aspx) and ASP.NET MVC to create an authorization server. We hope to soon provide a download for the completed sample, as this tutorial does not include each step. First, create an empty web app named *AuthorizationServer* and install the following packages: + +- Microsoft.AspNet.Mvc +- Microsoft.Owin.Host.SystemWeb +- Microsoft.Owin.Security.OAuth +- Microsoft.Owin.Security.Cookies +- Microsoft.Owin.Security.Google (Or any other social login package such as Microsoft.Owin.Security.Facebook) + +Add an [OWIN Startup class](owin-startup-class-detection.md) under the project root folder named *Startup*. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample1.cs?highlight=8)] + +Create an *App\_Start* folder. Select the *App\_Start* folder and use Shift+Alt+A to add the downloaded version of the *AuthorizationServer\App\_Start\Startup.Auth.cs* file. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample2.cs)] + +The code above enables application/external sign in cookies and Google authentication, which are used by authorization server itself to manage accounts. + +The `UseOAuthAuthorizationServer` extension method is to setup the authorization server. The setup options are: + +- `AuthorizeEndpointPath`: The request path where client applications will redirect the user-agent in order to obtain the users consent to issue a token or code. It must begin with a leading slash, for example, "`/Authorize`". +- `TokenEndpointPath`: The request path client applications directly communicate to obtain the access token. It must begin with a leading slash, like "/Token". If the client is issued a [client\_secret](http://tools.ietf.org/html/rfc6749#appendix-A.2), it must be provided to this endpoint. +- `ApplicationCanDisplayErrors`: Set to `true` if the web application wants to generate a custom error page for the client validation errors on `/Authorize` endpoint. This is only needed for cases where the browser is not redirected back to the client application, for example, when the `client_id` or `redirect_uri` are incorrect. The `/Authorize` endpoint should expect to see the "oauth.Error", "oauth.ErrorDescription", and "oauth.ErrorUri" properties are added to the OWIN environment. + + > [!NOTE] + > If not true, the authorization server will return a default error page with the error details. +- `AllowInsecureHttp`: True to allow authorize and token requests to arrive on HTTP URI addresses, and to allow incoming `redirect_uri` authorize request parameters to have HTTP URI addresses. + + > [!WARNING] + > Security - This is for development only. +- `Provider`: The object provided by the application to process events raised by the Authorization Server middleware. The application may implement the interface fully, or it may create an instance of `OAuthAuthorizationServerProvider` and assign delegates necessary for the OAuth flows this server supports. +- `AuthorizationCodeProvider`: Produces a single-use authorization code to return to the client application. For the OAuth server to be secure the application **MUST** provide an instance for `AuthorizationCodeProvider` where the token produced by the `OnCreate/OnCreateAsync` event is considered valid for only one call to `OnReceive/OnReceiveAsync`. +- `RefreshTokenProvider`: Produces a refresh token which may be used to produce a new access token when needed. If not provided the authorization server will not return refresh tokens from the `/Token` endpoint. + +## Account Management + +OAuth doesn't care where or how you manage your user account information. It's [ASP.NET Identity](../../../identity/index.md) which is responsible for it. In this tutorial, we will simplify the account management code and just make sure that user can login using OWIN cookie middleware. Here is the simplified sample code for the `AccountController`: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample3.cs)] + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample4.cs?highlight=1)] + +`ValidateClientRedirectUri` is used to validate the client with its registered redirect URL. `ValidateClientAuthentication` checks the basic scheme header and form body to get the client's credentials. + +The login page is shown below: + +![](owin-oauth-20-authorization-server/_static/image1.png) + +Review the IETF's OAuth 2 [Authorization Code Grant](http://tools.ietf.org/html/rfc6749#section-4.1) section now. + +**Provider** (in the table below) is [OAuthAuthorizationServerOptions](https://msdn.microsoft.com/library/microsoft.owin.security.oauth.oauthauthorizationserveroptions(v=vs.111).aspx).Provider, which is of type `OAuthAuthorizationServerProvider`, which contains all OAuth server events. + +| Flow steps from Authorization Code Grant section | Sample download performs these steps with: | +| --- | --- | +| | | +| (A) The client initiates the flow by directing the resource owner's user-agent to the authorization endpoint. The client includes its client identifier, requested scope, local state, and a redirection URI to which the authorization server will send the user-agent back once access is granted (or denied). | Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint | +| | | +| (B) The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request. | **<If user grants access>** Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint AuthorizationCodeProvider.CreateAsync | +| | | +| (C) Assuming the resource owner grants access, the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration). ... | | +| | | +| (D) The client requests an access token from the authorization server's token endpoint by including the authorization code received in the previous step. When making the request, the client authenticates with the authorization server. The client includes the redirection URI used to obtain the authorization code for verification. | Provider.MatchEndpoint Provider.ValidateClientAuthentication AuthorizationCodeProvider.ReceiveAsync Provider.ValidateTokenRequest Provider.GrantAuthorizationCode Provider.TokenEndpoint AccessTokenProvider.CreateAsync RefreshTokenProvider.CreateAsync | + +A sample implementation for `AuthorizationCodeProvider.CreateAsync` and `ReceiveAsync` to control the creation and validation of authorization code is shown below. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample5.cs)] + +The code above uses an in-memory concurrent dictionary to store the code and identity ticket and restore the identity after receiving the code. In a real application, it would be replaced by a persistent data store. The authorization endpoint is for the resource owner to grant access to the client. Usually, it needs a user interface to allow the user to click a button and confirm the grant. OWIN OAuth middleware allows application code to handle the authorization endpoint. In our sample app, we use an MVC controller called `OAuthController` to handle it. Here is the sample implementation: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample6.cs?highlight=15)] + +The `Authorize` action will first check if the user has logged in to the authorization server. If not, the authentication middleware challenges the caller to authenticate using the "Application" cookie and redirects to the login page. (See highlighted code above.) If user has logged in, it will render the Authorize view, as shown below: + +![](owin-oauth-20-authorization-server/_static/image2.png) + +If the **Grant** button is selected, the `Authorize` action will create a new "Bearer" identity and sign in with it. It will trigger the authorization server to generate a bearer token and send it back to the client with JSON payload. + +### Implicit Grant + +Refer to the IETF's OAuth 2 [Implicit Grant](http://tools.ietf.org/html/rfc6749#section-4.2) section now. + + The [Implicit Grant](http://tools.ietf.org/html/rfc6749#section-4.2) flow shown in Figure 4 is the flow and mapping which the OWIN OAuth middleware follows. + +| Flow steps from Implicit Grant section | Sample download performs these steps with: | +| --- | --- | +| | | +| (A) The client initiates the flow by directing the resource owner's user-agent to the authorization endpoint. The client includes its client identifier, requested scope, local state, and a redirection URI to which the authorization server will send the user-agent back once access is granted (or denied). | Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint | +| | | +| (B) The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request. | **<If user grants access>** Provider.MatchEndpoint Provider.ValidateClientRedirectUri Provider.ValidateAuthorizeRequest Provider.AuthorizeEndpoint AuthorizationCodeProvider.CreateAsync | +| | | +| (C) Assuming the resource owner grants access, the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration). ... | | +| | | +| (D) The client requests an access token from the authorization server's token endpoint by including the authorization code received in the previous step. When making the request, the client authenticates with the authorization server. The client includes the redirection URI used to obtain the authorization code for verification. | | + +Since we already implemented the authorization endpoint (`OAuthController.Authorize` action) for authorization code grant, it automatically enables implicit flow as well. Note: `Provider.ValidateClientRedirectUri` is used to validate the client ID with its redirection URL, which protects the implicit grant flow from sending the access token to malicious clients ([Man-in-the-middle attack](https://www.owasp.org/index.php/Man-in-the-middle_attack)). + +### Resource Owner Password Credentials Grant + +Refer to the IETF's OAuth 2 [Resource Owner Password Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.3) section now. + + The [Resource Owner Password Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.3) flow shown in Figure 5 is the flow and mapping which the OWIN OAuth middleware follows. + +| Flow steps from Resource Owner Password Credentials Grant section | Sample download performs these steps with: | +| --- | --- | +| | | +| (A) The resource owner provides the client with its username and password. | | +| | | +| (B) The client requests an access token from the authorization server's token endpoint by including the credentials received from the resource owner. When making the request, the client authenticates with the authorization server. | Provider.MatchEndpoint Provider.ValidateClientAuthentication Provider.ValidateTokenRequest Provider.GrantResourceOwnerCredentials Provider.TokenEndpoint AccessToken Provider.CreateAsync RefreshTokenProvider.CreateAsync | +| | | +| (C) The authorization server authenticates the client and validates the resource owner credentials, and if valid, issues an access token. | | + +Here is the sample implementation for `Provider.GrantResourceOwnerCredentials`: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample7.cs)] + +> [!NOTE] +> The code above is intended to explain this section of the tutorial and should not be used in secure or production apps. It does not check the resource owners credentials. It assumes every credential is valid and creates a new identity for it. The new identity will be used to generate the access token and refresh token. Please replace the code with your own secure account management code. + + +### Client Credentials Grant + +Refer to the IETF's OAuth 2 [Client Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.4) section now. + + The [Client Credentials Grant](http://tools.ietf.org/html/rfc6749#section-4.4) flow shown in Figure 6 is the flow and mapping which the OWIN OAuth middleware follows. + +| Flow steps from Client Credentials Grant section | Sample download performs these steps with: | +| --- | --- | +| | | +| (A) The client authenticates with the authorization server and requests an access token from the token endpoint. | Provider.MatchEndpoint Provider.ValidateClientAuthentication Provider.ValidateTokenRequest Provider.GrantClientCredentials Provider.TokenEndpoint AccessTokenProvider.CreateAsync RefreshTokenProvider.CreateAsync | +| | | +| (B) The authorization server authenticates the client, and if valid, issues an access token. | | + +Here is the sample implementation for `Provider.GrantClientCredentials`: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample8.cs)] + +> [!NOTE] +> The code above is intended to explain this section of the tutorial and should not be used in secure or production apps. Please replace the code with your own secure client management code. + + +### Refresh Token + +Refer to the IETF's OAuth 2 [Refresh Token](http://tools.ietf.org/html/rfc6749#section-1.5) section now. + + The [Refresh Token](http://tools.ietf.org/html/rfc6749#section-1.5) flow shown in Figure 2 is the flow and mapping which the OWIN OAuth middleware follows. + +| Flow steps from Client Credentials Grant section | Sample download performs these steps with: | +| --- | --- | +| | | +| (G) The client requests a new access token by authenticating with the authorization server and presenting the refresh token. The client authentication requirements are based on the client type and on the authorization server policies. | Provider.MatchEndpoint Provider.ValidateClientAuthentication RefreshTokenProvider.ReceiveAsync Provider.ValidateTokenRequest Provider.GrantRefreshToken Provider.TokenEndpoint AccessTokenProvider.CreateAsync RefreshTokenProvider.CreateAsync | +| | | +| (H) The authorization server authenticates the client and validates the refresh token, and if valid, issues a new access token (and, optionally, a new refresh token). | | + +Here is the sample implementation for `Provider.GrantRefreshToken`: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample9.cs)] + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample10.cs)] + +## Create a Resource Server which is protected by Access Token + +Create an empty web app project and install following packages in the project: + +- Microsoft.AspNet.WebApi.Owin +- Microsoft.Owin.Host.SystemWeb +- Microsoft.Owin.Security.OAuth + +Create a startup class and configure authentication and Web API. See *AuthorizationServer\ResourceServer\Startup.cs* in the sample download. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample11.cs)] + +See *AuthorizationServer\ResourceServer\App\_Start\Startup.Auth.cs* in the sample download. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample12.cs)] + +See *AuthorizationServer\ResourceServer\App\_Start\Startup.WebApi.cs* in the sample download. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample13.cs)] + +- `UseCors` method allows CORS for all domains. +- `UseOAuthBearerAuthentication` method enables OAuth bearer token authentication middleware which will receive and validate bearer token from authorization header in the request. +- `Config.SuppressDefaultHostAuthenticaiton` suppresses default host authenticated principal from the app, therefore all requests will be anonymous after this call. +- `HostAuthenticationFilter` enables authentication just for the specified authentication type. In this case, it's bearer authentication type. + +In order to demonstrate the authenticated identity, we create an ApiController to output current user's claims. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample14.cs)] + +If the authorization server and the resource server are not on the same computer, the OAuth middleware will use the different machine keys to encrypt and decrypt bearer access token. In order to share the same private key between both projects, we add the same `machinekey` setting in both *web.config* files. + +[!code-xml[Main](owin-oauth-20-authorization-server/samples/sample15.xml?highlight=8-10)] + +## Create OAuth 2.0 Clients + + We use the [DotNetOpenAuth.OAuth2.Client](http://www.nuget.org/packages/DotNetOpenAuth.OAuth2.Client) NuGet package to simplify the client code. + +### Authorization Code Grant Client + + This client is an MVC application. It will trigger an authorization code grant flow to get the access token from backend. It has a single page as shown below: + +![](owin-oauth-20-authorization-server/_static/image3.png) + +- The **Authorize** button will redirect browser to the authorization server to notify the resource owner to grant access to this client. +- The **Refresh** button will get a new access token and refresh token using the current refresh token. +- The **Access Protected Resource API** button will call the resource server to get current user's claims data and show them on the page. + +Here is the sample code of the `HomeController` of the client. + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample16.cs)] + +`DotNetOpenAuth` requires SSL by default. Since our demo is using HTTP, you need to add following setting in the config file: + +[!code-xml[Main](owin-oauth-20-authorization-server/samples/sample17.xml?highlight=4-6)] + +> [!WARNING] +> Security - Never disable SSL in a production app. Your login credentials are now being sent in clear-text across the wire. The code above is just for local sample debugging and exploration. + + +### Implicit Grant Client + +This client is using JavaScript to: + +1. Open a new window and redirect to the authorize endpoint of the Authorization Server. +2. Get the access token from URL fragments when it redirects back. + +The following image shows this process: + +![](owin-oauth-20-authorization-server/_static/image4.png) + +The client should have two pages: one for home page and the other for callback.Here is the sample JavaScript code found in the *Index.cshtml* file: + +[!code-cshtml[Main](owin-oauth-20-authorization-server/samples/sample18.cshtml)] + +Here is the callback handling code in *SignIn.cshtml* file: + +[!code-cshtml[Main](owin-oauth-20-authorization-server/samples/sample19.cshtml)] + +> [!NOTE] +> A best practice is to move the JavaScript to an external file and not embed it with the Razor markup. To keep this sample simple, they have been combined. + + +### Resource Owner Password Credentials Grant Client + +We uses a console app to demo this client. Here is the code: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample20.cs)] + +### Client Credentials Grant Client + +Similar to the Resource Owner Password Credentials Grant, here is console app code: + +[!code-csharp[Main](owin-oauth-20-authorization-server/samples/sample21.cs)] diff --git a/aspnet/aspnet/overview/owin-and-katana/owin-startup-class-detection.md b/aspnet/aspnet/overview/owin-and-katana/owin-startup-class-detection.md index 63ac9c1f5ce9..9ebd93c234df 100644 --- a/aspnet/aspnet/overview/owin-and-katana/owin-startup-class-detection.md +++ b/aspnet/aspnet/overview/owin-and-katana/owin-startup-class-detection.md @@ -33,20 +33,20 @@ by [Praburaj Thiagarajan](https://github.com/Praburaj), [Rick Anderson](https:// [!code-csharp[Main](owin-startup-class-detection/samples/sample1.cs)] - The `OwinStartup` attribute overrides the naming convention. You can also specify a friendly name with this attribute, however, using a friendly name requires you to also use the `appSetting` element in the configuration file. + The `OwinStartup` attribute overrides the naming convention. You can also specify a friendly name with this attribute, however, using a friendly name requires you to also use the `appSetting` element in the configuration file. 3. **The appSetting element in the Configuration file**: The `appSetting` element overrides the `OwinStartup` attribute and naming convention. You can have multiple startup classes (each using an `OwinStartup` attribute) and configure which startup class will be loaded in a configuration file using markup similar to the following: [!code-xml[Main](owin-startup-class-detection/samples/sample2.xml)] - The following key, which explicitly specifies the startup class and assembly can also be used: + The following key, which explicitly specifies the startup class and assembly can also be used: [!code-xml[Main](owin-startup-class-detection/samples/sample3.xml)] - The following XML in the configuration file specifies a friendly startup class name of `ProductionConfiguration`. + The following XML in the configuration file specifies a friendly startup class name of `ProductionConfiguration`. [!code-xml[Main](owin-startup-class-detection/samples/sample4.xml)] - The above markup must be used with the following `OwinStartup` attribute which specifies a friendly name and causes the `ProductionStartup2` class to run. + The above markup must be used with the following `OwinStartup` attribute which specifies a friendly name and causes the `ProductionStartup2` class to run. [!code-csharp[Main](owin-startup-class-detection/samples/sample5.cs?highlight=1,16)] 4. To disable OWIN startup discovery add the `appSetting owin:AutomaticAppStartup` with a value of `"false"` in the web.config file. @@ -58,29 +58,29 @@ by [Praburaj Thiagarajan](https://github.com/Praburaj), [Rick Anderson](https:// 1. Create an empty Asp.Net web application and name it **StartupDemo**. - Install `Microsoft.Owin.Host.SystemWeb` using the NuGet package manager. From the **Tools** menu, select **Library Package Manager**, and then **Package Manager Console**. Enter the following command: [!code-powershell[Main](owin-startup-class-detection/samples/sample7.ps1)] -2. Add an OWIN startup class. In Visual Studio 2013 right click the project and select **Add Class**.- In the **Add New Item** dialog box, enter *OWIN* in the search field, and change the name to Startup.cs, and then click **Add**. +- Add an OWIN startup class. In Visual Studio 2013 right click the project and select **Add Class**.- In the **Add New Item** dialog box, enter *OWIN* in the search field, and change the name to Startup.cs, and then click **Add**. - ![](owin-startup-class-detection/_static/image1.png) + ![](owin-startup-class-detection/_static/image1.png) - The next time you want to add an *Owin Startup class*, it will be in available from the **Add** menu. + The next time you want to add an *Owin Startup class*, it will be in available from the **Add** menu. - ![](owin-startup-class-detection/_static/image2.png) + ![](owin-startup-class-detection/_static/image2.png) - Alternatively, you can right click the project and select **Add**, then select **New Item**, and then select the **Owin Startup class**. + Alternatively, you can right click the project and select **Add**, then select **New Item**, and then select the **Owin Startup class**. - ![](owin-startup-class-detection/_static/image3.png) + ![](owin-startup-class-detection/_static/image3.png) - Replace the generated code in the *Startup.cs* file with the following: [!code-csharp[Main](owin-startup-class-detection/samples/sample8.cs?highlight=5,7,15-28,31-34)] - The `app.Use` lambda expression is used to register the specified middleware component to the OWIN pipeline. In this case we are setting up logging of incoming requests before responding to the incoming request. The `next` parameter is the delegate ( [Func](https://msdn.microsoft.com/library/bb534960(v=vs.100).aspx) < [Task](https://msdn.microsoft.com/library/dd321424(v=vs.100).aspx) > ) to the next component in the pipeline. The `app.Run` lambda expression hooks up the pipeline to incoming requests and provides the response mechanism. + The `app.Use` lambda expression is used to register the specified middleware component to the OWIN pipeline. In this case we are setting up logging of incoming requests before responding to the incoming request. The `next` parameter is the delegate ( [Func](https://msdn.microsoft.com/library/bb534960(v=vs.100).aspx) < [Task](https://msdn.microsoft.com/library/dd321424(v=vs.100).aspx) > ) to the next component in the pipeline. The `app.Run` lambda expression hooks up the pipeline to incoming requests and provides the response mechanism. > [!NOTE] > In the code above we have commented out the `OwinStartup` attribute and we're relying on the convention of running the class named `Startup` .- Press ***F5*** to run the application. Hit refresh a few times. ![](owin-startup-class-detection/_static/image4.png) - Note: The number shown in the images in this tutorial will not match the number you see. The millisecond string is used to show a new response when you refresh the page. - You can see the trace information in the **Output** window. +Note: The number shown in the images in this tutorial will not match the number you see. The millisecond string is used to show a new response when you refresh the page. + You can see the trace information in the **Output** window. ![](owin-startup-class-detection/_static/image5.png) @@ -100,7 +100,7 @@ In this section we'll add another Startup class. You can add multiple OWIN start [!code-csharp[Main](owin-startup-class-detection/samples/sample10.cs?highlight=6,14-18)] - The `OwinStartup` attribute overload above specifies `TestingConfiguration` as the *friendly* name of the Startup class. + The `OwinStartup` attribute overload above specifies `TestingConfiguration` as the *friendly* name of the Startup class. 6. Open the *web.config* file and add the OWIN App startup key which specifies the friendly name of the Startup class: [!code-xml[Main](owin-startup-class-detection/samples/sample11.xml?highlight=3-5)] @@ -117,11 +117,11 @@ In this section we'll add another Startup class. You can add multiple OWIN start [!code-csharp[Main](owin-startup-class-detection/samples/sample14.cs)] - Each of the OWIN App startup keys below will cause the production class to run. + Each of the OWIN App startup keys below will cause the production class to run. [!code-xml[Main](owin-startup-class-detection/samples/sample15.xml)] - The last startup key specifies the startup configuration method. The following OWIN App startup key allows you to change the name of the configuration class to `MyConfiguration` . + The last startup key specifies the startup configuration method. The following OWIN App startup key allows you to change the name of the configuration class to `MyConfiguration` . [!code-xml[Main](owin-startup-class-detection/samples/sample16.xml)] @@ -131,7 +131,7 @@ In this section we'll add another Startup class. You can add multiple OWIN start [!code-xml[Main](owin-startup-class-detection/samples/sample17.xml?highlight=3-6)] - The last key wins, so in this case `TestStartup` is specified. + The last key wins, so in this case `TestStartup` is specified. 2. Install Owinhost from the PMC: [!code-console[Main](owin-startup-class-detection/samples/sample18.cmd)] @@ -139,14 +139,14 @@ In this section we'll add another Startup class. You can add multiple OWIN start [!code-console[Main](owin-startup-class-detection/samples/sample19.cmd)] - The command window will show: + The command window will show: [!code-console[Main](owin-startup-class-detection/samples/sample20.cmd)] 4. Launch a browser with the URL `http://localhost:5000/`. ![](owin-startup-class-detection/_static/image8.png) - OwinHost honored the startup conventions listed above. + OwinHost honored the startup conventions listed above. 5. In the command window, press Enter to exit OwinHost. 6. In the `ProductionStartup` class, add the following OwinStartup attribute which specifies a friendly name of *ProductionConfiguration*. @@ -155,9 +155,9 @@ In this section we'll add another Startup class. You can add multiple OWIN start [!code-console[Main](owin-startup-class-detection/samples/sample22.cmd)] - The Production startup class is loaded. + The Production startup class is loaded. ![](owin-startup-class-detection/_static/image9.png) - Our application has multiple startup classes, and in this example we have deferred which startup class to load until runtime. + Our application has multiple startup classes, and in this example we have deferred which startup class to load until runtime. 8. Test the following runtime startup options: [!code-console[Main](owin-startup-class-detection/samples/sample23.cmd)] diff --git a/aspnet/docfx.json b/aspnet/docfx.json index 5096a8065d95..89e70466890c 100644 --- a/aspnet/docfx.json +++ b/aspnet/docfx.json @@ -39,13 +39,10 @@ "breadcrumb_path": "/aspnet/breadcrumb/toc.json", "_navPath": "/foo", "_navRel": "/foo", - "searchScope": [ - "ASP.NET" - ] + "searchScope": ["ASP.NET"] }, "fileMetadata": {}, "template": [], - "dest": "_site", - "markdownEngineName": "markdig" + "dest": "_site" } } diff --git a/aspnet/identity/overview/extensibility/implementing-a-custom-mysql-aspnet-identity-storage-provider.md b/aspnet/identity/overview/extensibility/implementing-a-custom-mysql-aspnet-identity-storage-provider.md index af09807c1eee..35c8188ef6c5 100644 --- a/aspnet/identity/overview/extensibility/implementing-a-custom-mysql-aspnet-identity-storage-provider.md +++ b/aspnet/identity/overview/extensibility/implementing-a-custom-mysql-aspnet-identity-storage-provider.md @@ -119,7 +119,7 @@ If needed, install either [Visual Studio Express 2013 for Web](https://go.micros 5. Right click the IdentityMySQLDemo project, select **Add**, **Reference, Solution, Projects;** select the AspNet.Identity.MySQL project and click **OK**. 6. In the IdentityMySQLDemo project, replace all references to `using Microsoft.AspNet.Identity.EntityFramework;` - with + with `using AspNet.Identity.MySQL;` 7. In IdentityModels.cs, set **ApplicationDbContext** to derive from **MySqlDatabase** and include a contructor that take a single parameter with the connection name. diff --git a/aspnet/identity/overview/extensibility/overview-of-custom-storage-providers-for-aspnet-identity.md b/aspnet/identity/overview/extensibility/overview-of-custom-storage-providers-for-aspnet-identity.md index 680833951144..fc671b39b56f 100644 --- a/aspnet/identity/overview/extensibility/overview-of-custom-storage-providers-for-aspnet-identity.md +++ b/aspnet/identity/overview/extensibility/overview-of-custom-storage-providers-for-aspnet-identity.md @@ -148,29 +148,29 @@ The next image shows more details about the functionality defined in each interf ![](overview-of-custom-storage-providers-for-aspnet-identity/_static/image4.png) - **IUserStore** - The [IUserStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613278(v=vs.108).aspx) interface is the only interface you must implement in your user store. It defines methods for creating, updating, deleting, and retrieving users. + The [IUserStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613278(v=vs.108).aspx) interface is the only interface you must implement in your user store. It defines methods for creating, updating, deleting, and retrieving users. - **IUserClaimStore** - The [IUserClaimStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613265(v=vs.108).aspx) interface defines the methods you must implement in your user store to enable user claims. It contains methods or adding, removing and retrieving user claims. + The [IUserClaimStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613265(v=vs.108).aspx) interface defines the methods you must implement in your user store to enable user claims. It contains methods or adding, removing and retrieving user claims. - **IUserLoginStore** - The [IUserLoginStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613272(v=vs.108).aspx) defines the methods you must implement in your user store to enable external authentication providers. It contains methods for adding, removing and retrieving user logins, and a method for retrieving a user based on the login information. + The [IUserLoginStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613272(v=vs.108).aspx) defines the methods you must implement in your user store to enable external authentication providers. It contains methods for adding, removing and retrieving user logins, and a method for retrieving a user based on the login information. - **IUserRoleStore** - The [IUserRoleStore<TKey, TUser>](https://msdn.microsoft.com/library/dn613276(v=vs.108).aspx) interface defines the methods you must implement in your user store to map a user to a role. It contains methods to add, remove, and retrieve a user's roles, and a method to check if a user is assigned to a role. + The [IUserRoleStore<TKey, TUser>](https://msdn.microsoft.com/library/dn613276(v=vs.108).aspx) interface defines the methods you must implement in your user store to map a user to a role. It contains methods to add, remove, and retrieve a user's roles, and a method to check if a user is assigned to a role. - **IUserPasswordStore** - The [IUserPasswordStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613273(v=vs.108).aspx) interface defines the methods you must implement in your user store to persist hashed passwords. It contains methods for getting and setting the hashed password, and a method that indicates whether the user has set a password. + The [IUserPasswordStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613273(v=vs.108).aspx) interface defines the methods you must implement in your user store to persist hashed passwords. It contains methods for getting and setting the hashed password, and a method that indicates whether the user has set a password. - **IUserSecurityStampStore** - The [IUserSecurityStampStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613277(v=vs.108).aspx) interface defines the methods you must implement in your user store to use a security stamp for indicating whether the user's account information has changed. This stamp is updated when a user changes the password, or adds or removes logins. It contains methods for getting and setting the security stamp. + The [IUserSecurityStampStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613277(v=vs.108).aspx) interface defines the methods you must implement in your user store to use a security stamp for indicating whether the user's account information has changed. This stamp is updated when a user changes the password, or adds or removes logins. It contains methods for getting and setting the security stamp. - **IUserTwoFactorStore** - The [IUserTwoFactorStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613279(v=vs.108).aspx) interface defines the methods you must implement to implement two factor authentication. It contains methods for getting and setting whether two factor authentication is enabled for a user. + The [IUserTwoFactorStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613279(v=vs.108).aspx) interface defines the methods you must implement to implement two factor authentication. It contains methods for getting and setting whether two factor authentication is enabled for a user. - **IUserPhoneNumberStore** - The [IUserPhoneNumberStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613275(v=vs.108).aspx) interface defines the methods you must implement to store user phone numbers. It contains methods for getting and setting the phone number and whether the phone number is confirmed. + The [IUserPhoneNumberStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613275(v=vs.108).aspx) interface defines the methods you must implement to store user phone numbers. It contains methods for getting and setting the phone number and whether the phone number is confirmed. - **IUserEmailStore** - The [IUserEmailStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613143(v=vs.108).aspx) interface defines the methods you must implement to store user email addresses. It contains methods for getting and setting the email address and whether the email is confirmed. + The [IUserEmailStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613143(v=vs.108).aspx) interface defines the methods you must implement to store user email addresses. It contains methods for getting and setting the email address and whether the email is confirmed. - **IUserLockoutStore** - The [IUserLockoutStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613271(v=vs.108).aspx) interface defines the methods you must implement to store information about locking an account. It contains methods for getting the current number of failed access attempts, getting and setting whether the account can be locked, getting and setting the lock out end date, incrementing the number of failed attempts, and resetting the number of failed attempts. + The [IUserLockoutStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613271(v=vs.108).aspx) interface defines the methods you must implement to store information about locking an account. It contains methods for getting the current number of failed access attempts, getting and setting whether the account can be locked, getting and setting the lock out end date, incrementing the number of failed attempts, and resetting the number of failed attempts. - **IQueryableUserStore** - The [IQueryableUserStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613267(v=vs.108).aspx) interface defines the members you must implement to provide a queryable user store. It contains a property that holds the queryable users. + The [IQueryableUserStore<TUser, TKey>](https://msdn.microsoft.com/library/dn613267(v=vs.108).aspx) interface defines the members you must implement to provide a queryable user store. It contains a property that holds the queryable users. - You implement the interfaces that are needed in your application; such as, the IUserClaimStore, IUserLoginStore, IUserRoleStore, IUserPasswordStore, and IUserSecurityStampStore interfaces as shown below. + You implement the interfaces that are needed in your application; such as, the IUserClaimStore, IUserLoginStore, IUserRoleStore, IUserPasswordStore, and IUserSecurityStampStore interfaces as shown below. [!code-csharp[Main](overview-of-custom-storage-providers-for-aspnet-identity/samples/sample5.cs)] @@ -213,11 +213,11 @@ The following example shows a role store class. The TRole generic parameter take [!code-csharp[Main](overview-of-custom-storage-providers-for-aspnet-identity/samples/sample8.cs)] - **IRoleStore<TRole>** - The [IRoleStore](https://msdn.microsoft.com/library/dn468195.aspx) interface defines the methods to implement in your role store class. It contains methods for creating, updating, deleting and retrieving roles. + The [IRoleStore](https://msdn.microsoft.com/library/dn468195.aspx) interface defines the methods to implement in your role store class. It contains methods for creating, updating, deleting and retrieving roles. - **RoleStore<TRole>** - To customize RoleStore, create a class that implements the IRoleStore interface. You only have to implement this class if want to use roles on your system. The constructor that takes a parameter named *database* of type ExampleDatabase is only an illustration of how to pass in your data access class. For example, in the MySQL implementation, this constructor takes a parameter of type MySQLDatabase. + To customize RoleStore, create a class that implements the IRoleStore interface. You only have to implement this class if want to use roles on your system. The constructor that takes a parameter named *database* of type ExampleDatabase is only an illustration of how to pass in your data access class. For example, in the MySQL implementation, this constructor takes a parameter of type MySQLDatabase. - For a complete implementation, see [RoleStore (MySQL)](https://aspnet.codeplex.com/SourceControl/latest#Samples/Identity/AspNet.Identity.MySQL/RoleStore.cs) . + For a complete implementation, see [RoleStore (MySQL)](https://aspnet.codeplex.com/SourceControl/latest#Samples/Identity/AspNet.Identity.MySQL/RoleStore.cs) . ## Reconfigure application to use new storage provider diff --git a/aspnet/identity/overview/features-api/account-confirmation-and-password-recovery-with-aspnet-identity.md b/aspnet/identity/overview/features-api/account-confirmation-and-password-recovery-with-aspnet-identity.md index c80e07a128f3..1e000e56c594 100644 --- a/aspnet/identity/overview/features-api/account-confirmation-and-password-recovery-with-aspnet-identity.md +++ b/aspnet/identity/overview/features-api/account-confirmation-and-password-recovery-with-aspnet-identity.md @@ -83,7 +83,7 @@ Start by installing and running [Visual Studio Express 2013 for Web](https://go. ![](account-confirmation-and-password-recovery-with-aspnet-identity/_static/image10.png) - At this point the email has not been confirmed. + At this point the email has not been confirmed. The default data store for ASP.NET Identity is Entity Framework, but you can configure it to use other data stores and to add additional fields. See [Additional Resources](#addRes) section at the end of this tutorial. @@ -147,7 +147,7 @@ In this section, you'll use NuGet to download a more complete sample we will wor [!code-console[Main](account-confirmation-and-password-recovery-with-aspnet-identity/samples/sample4.cmd)] - In this tutorial, we'll use [SendGrid](http://sendgrid.com/) to send email. The `Identity.Samples` package installs the code we will be working with. + In this tutorial, we'll use [SendGrid](http://sendgrid.com/) to send email. The `Identity.Samples` package installs the code we will be working with. 3. Set the [project to use SSL](../../../mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on.md). 4. Test local account creation by running the app, clicking on the **Register** link, and posting the registration form. 5. Click the demo email link, which simulates email confirmation. diff --git a/aspnet/identity/overview/features-api/two-factor-authentication-using-sms-and-email-with-aspnet-identity.md b/aspnet/identity/overview/features-api/two-factor-authentication-using-sms-and-email-with-aspnet-identity.md index ab4d44a48892..cce29af0a41b 100644 --- a/aspnet/identity/overview/features-api/two-factor-authentication-using-sms-and-email-with-aspnet-identity.md +++ b/aspnet/identity/overview/features-api/two-factor-authentication-using-sms-and-email-with-aspnet-identity.md @@ -47,11 +47,11 @@ In this section, you'll use NuGet to download a sample we will work with. Start `Install-Package SendGrid` `Install-Package -Prerelease Microsoft.AspNet.Identity.Samples` - In this tutorial, we'll use [SendGrid](http://sendgrid.com/) to send email and [Twilio](https://www.twilio.com/) or [ASPSMS](https://www.aspsms.com/asp.net/identity/testcredits/) for sms texting. The `Identity.Samples` package installs the code we will be working with. + In this tutorial, we'll use [SendGrid](http://sendgrid.com/) to send email and [Twilio](https://www.twilio.com/) or [ASPSMS](https://www.aspsms.com/asp.net/identity/testcredits/) for sms texting. The `Identity.Samples` package installs the code we will be working with. 3. Set the [project to use SSL](../../../mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on.md). 4. *Optional*: Follow the instructions in my [Email confirmation tutorial](account-confirmation-and-password-recovery-with-aspnet-identity.md) to hook up SendGrid and then run the app and register an email account. 5. *Optional: *Remove the demo email link confirmation code from the sample (The `ViewBag.Link` code in the account controller. See the `DisplayEmail` and `ForgotPasswordConfirmation` action methods and razor views ). -6. Optional: *Remove the `ViewBag.Status` code from the Manage and Account controllers and from the *Views\Account\VerifyCode.cshtml and Views\Manage\VerifyPhoneNumber.cshtml razor views. Alternatively, you can keep the `ViewBag.Status` display to test how this app works locally without having to hook up and send email and SMS messages. +6. *Optional: *Remove the `ViewBag.Status` code from the Manage and Account controllers and from the *Views\Account\VerifyCode.cshtml* and *Views\Manage\VerifyPhoneNumber.cshtml* razor views. Alternatively, you can keep the `ViewBag.Status` display to test how this app works locally without having to hook up and send email and SMS messages. > [!NOTE] > Warning: If you change any of the security settings in this sample, productions apps will need to undergo a security audit that explicitly calls out the changes made. @@ -65,44 +65,44 @@ This tutorial provides instructions for using either Twilio or ASPSMS but you ca 1. **Creating a User Account with an SMS provider** - Create a [Twilio](https://www.twilio.com/try-twilio) or an [ASPSMS](https://www.aspsms.com/asp.net/identity/testcredits/) account. + Create a [Twilio](https://www.twilio.com/try-twilio) or an [ASPSMS](https://www.aspsms.com/asp.net/identity/testcredits/) account. 2. **Installing additional packages or adding service references** - Twilio: - In the Package Manager Console, enter the following command: + Twilio: + In the Package Manager Console, enter the following command: `Install-Package Twilio` - ASPSMS: - The following service reference needs to be added: + ASPSMS: + The following service reference needs to be added: ![](two-factor-authentication-using-sms-and-email-with-aspnet-identity/_static/image1.png) - Address: + Address: `https://webservice.aspsms.com/aspsmsx2.asmx?WSDL` - Namespace: + Namespace: `ASPSMSX2` 3. **Figuring out SMS Provider User credentials** - Twilio: - From the **Dashboard** tab of your Twilio account, copy the **Account SID** and **Auth token**. + Twilio: + From the **Dashboard** tab of your Twilio account, copy the **Account SID** and **Auth token**. - ASPSMS: - From your account settings, navigate to **Userkey** and copy it together with your self-defined **Password**. + ASPSMS: + From your account settings, navigate to **Userkey** and copy it together with your self-defined **Password**. - We will later store these values in the variables `SMSAccountIdentification` and `SMSAccountPassword` . + We will later store these values in the variables `SMSAccountIdentification` and `SMSAccountPassword` . 4. **Specifying SenderID / Originator** - Twilio: - From the **Numbers** tab, copy your Twilio phone number. + Twilio: + From the **Numbers** tab, copy your Twilio phone number. - ASPSMS: - Within the **Unlock Originators** Menu, unlock one or more Originators or choose an alphanumeric Originator (Not supported by all networks). + ASPSMS: + Within the **Unlock Originators** Menu, unlock one or more Originators or choose an alphanumeric Originator (Not supported by all networks). - We will later store this value in the variable `SMSAccountFrom` . + We will later store this value in the variable `SMSAccountFrom` . 5. **Transferring SMS provider credentials into app** - Make the credentials and sender phone number available to the app: + Make the credentials and sender phone number available to the app: [!code-csharp[Main](two-factor-authentication-using-sms-and-email-with-aspnet-identity/samples/sample1.cs)] @@ -110,9 +110,9 @@ This tutorial provides instructions for using either Twilio or ASPSMS but you ca > Security - Never store sensitive data in your source code. The account and credentials are added to the code above to keep the sample simple. See Jon Atten's [ASP.NET MVC: Keep Private Settings Out of Source Control](http://typecastexception.com/post/2014/04/06/ASPNET-MVC-Keep-Private-Settings-Out-of-Source-Control.aspx). 6. **Implementation of data transfer to SMS provider** - Configure the `SmsService` class in the *App\_Start\IdentityConfig.cs* file. + Configure the `SmsService` class in the *App\_Start\IdentityConfig.cs* file. - Depending on the used SMS provider activate either the **Twilio** or the **ASPSMS** section: + Depending on the used SMS provider activate either the **Twilio** or the **ASPSMS** section: [!code-csharp[Main](two-factor-authentication-using-sms-and-email-with-aspnet-identity/samples/sample2.cs)] 7. Run the app and log in with the account you previously registered. diff --git a/aspnet/identity/overview/getting-started/adding-aspnet-identity-to-an-empty-or-existing-web-forms-project.md b/aspnet/identity/overview/getting-started/adding-aspnet-identity-to-an-empty-or-existing-web-forms-project.md index 11f172ccf2a0..4e68f48dc331 100644 --- a/aspnet/identity/overview/getting-started/adding-aspnet-identity-to-an-empty-or-existing-web-forms-project.md +++ b/aspnet/identity/overview/getting-started/adding-aspnet-identity-to-an-empty-or-existing-web-forms-project.md @@ -35,7 +35,7 @@ by [Raquel Soares De Almeida](https://github.com/raquelsa) ![](adding-aspnet-identity-to-an-empty-or-existing-web-forms-project/_static/image2.png) - Notice the **Change Authentication** button is disabled and no authentication support is provided in this template. The Web Forms, MVC and Web API templates allow you to select the authentication approach. For more information, see [Overview of Authentication](../../../visual-studio/overview/2013/creating-web-projects-in-visual-studio.md#auth) . + Notice the **Change Authentication** button is disabled and no authentication support is provided in this template. The Web Forms, MVC and Web API templates allow you to select the authentication approach. For more information, see [Overview of Authentication](../../../visual-studio/overview/2013/creating-web-projects-in-visual-studio.md#auth) . ## Adding Identity Packages to your App @@ -158,9 +158,9 @@ At this point we have only added support for creating users. Now, we are going t 5. Press **Ctrl + F5** to build and run the web application. Enter a new user name and password and then click on **Register**. ![](adding-aspnet-identity-to-an-empty-or-existing-web-forms-project/_static/image13.png) - Note: At this point, the new user is created and logged in. + Note: At this point, the new user is created and logged in. 6. Click on **Log out** button.You will be redirected to the Log in form. 7. Enter an invalid user name or password and Click on **Log in** button. - The `UserManager.Find` method will return null and the error message: " *Invalid user name or password* " will be displayed. + The `UserManager.Find` method will return null and the error message: " *Invalid user name or password* " will be displayed. ![](adding-aspnet-identity-to-an-empty-or-existing-web-forms-project/_static/image14.png) diff --git a/aspnet/identity/overview/getting-started/aspnet-identity-recommended-resources.md b/aspnet/identity/overview/getting-started/aspnet-identity-recommended-resources.md index 3c31cc09c68f..c586089afc17 100644 --- a/aspnet/identity/overview/getting-started/aspnet-identity-recommended-resources.md +++ b/aspnet/identity/overview/getting-started/aspnet-identity-recommended-resources.md @@ -89,7 +89,7 @@ by [Rick Anderson](https://github.com/Rick-Anderson) - [Understanding the Owin External Authentication Pipeline](http://coding.abel.nu/2014/06/understanding-the-owin-external-authentication-pipeline/) - [ASP.NET Identity and Owin Overview](http://coding.abel.nu/2014/06/asp-net-identity-and-owin-overview/) - By [K. Scott Allen](https://twitter.com/OdeToCode) on Ode to Code + By [K. Scott Allen](https://twitter.com/OdeToCode) on Ode to Code - [ASP.NET Core Identity](http://odetocode.com/blogs/scott/archive/2013/11/25/asp-net-core-identity.aspx) This blog examines the core abstractions, including IUser, IUserStore and the I\*Store interfaces. - [ASP.NET Identity with the Entity Framework](http://odetocode.com/blogs/scott/archive/2014/01/03/asp-net-identity-with-the-entity-framework.aspx) Individual User Accounts in MVC 5, Web API and SPA apps, connection strings and managing contexts diff --git a/aspnet/identity/overview/getting-started/aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider.md b/aspnet/identity/overview/getting-started/aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider.md index eb7787b13652..49ac10f20ac0 100644 --- a/aspnet/identity/overview/getting-started/aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider.md +++ b/aspnet/identity/overview/getting-started/aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider.md @@ -37,23 +37,23 @@ At the end of this tutorial, you will have an MVC application with the ASP.NET I [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image2.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image1.png) 3. In the **Choose and Add-on** wizard, select **ClearDB MySQL Database**, and then click the **Next** arrow at the bottom of the frame: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image4.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image3.png) 4. Keep the default **Free** plan, change the **NAME** to **IdentityMySQLDatabase**, select the region that is nearest to you, and then click the **Next** arrow at the bottom of the frame: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image6.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image5.png) 5. Click the **PURCHASE** checkmark to complete the database creation. - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image8.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image7.png) 6. After your database has been created, you can manage it from the **ADD-ONS** tab in the management portal. To retrieve the connection information for your database, click **CONNECTION INFO** at the bottom of the page: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image10.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image9.png) 7. Copy the connection string by clicking on the copy button by the **CONNECTIONSTRING** field and save it; you will use this information later in this tutorial for your MVC application: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image12.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image11.png) ## Creating an MVC application project @@ -63,15 +63,15 @@ To complete the steps in this section of the tutorial, you will first need to in 1. Open Visual Studio 2103. 2. Click **New Project** from the **Start** page, or you can click the **File** menu and then **New Project**: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image2.jpg)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image1.jpg) 3. When the **New Project** dialog box is displayed, expand **Visual C#** in the list of templates, then click **Web**, and select **ASP.NET Web Application**. Name your project **IdentityMySQLDemo** and then click **OK**: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image14.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image13.png) 4. In the **New ASP.NET Project** dialog, select the **MVC** templatewith the default options; this will configure **Individual User Accounts** as the authentication method. Click **OK**: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image16.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image15.png) ## Configure EntityFramework to work with a MySQL database @@ -83,11 +83,11 @@ The MVC application that was created from the Visual Studio 2013 template contai 1. Open your MVC project in Visual Studio 2013. 2. Click **TOOLS**, then click **Library Package Manager**, and then click **Package Manager Console**: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image18.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image17.png) 3. The **Package Manager Console** will appear in the bottom section of Visual Studio. Type "**Update-Package EntityFramework**" and press Enter: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image20.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image19.png) ### Install the MySQL provider for EntityFramework @@ -156,15 +156,15 @@ Once you have completed the steps in the preceding sections, you should test you 1. Press **Ctrl + F5** to build and run the web application. 2. Click the **Register** tab on the top of the page: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image4.jpg)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image3.jpg) 3. Enter a new user name and password, and then click **Register**: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image24.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image23.png) 4. At this point the ASP.NET Identity tables are created on the MySQL Database, and the user is registered and logged into the application: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image6.jpg)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image5.jpg) ### Installing MySQL Workbench tool to verify the data @@ -175,9 +175,9 @@ Once you have completed the steps in the preceding sections, you should test you 4. After establishing the connection, inspect the **ASP.NET Identity** tables created on the **IdentityMySQLDatabase.** 5. You will see that all ASP.NET Identity required tables are created as shown in the image below: - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image8.jpg)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image7.jpg) 6. Inspect the **aspnetusers** table for instance to check for the entries as you register new users. - [Click the following image to expand it. ] + [Click the following image to expand it. ] [![](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image26.png)](aspnet-identity-using-mysql-storage-with-an-entityframework-mysql-provider/_static/image25.png) diff --git a/aspnet/identity/overview/getting-started/developing-aspnet-apps-with-windows-azure-active-directory.md b/aspnet/identity/overview/getting-started/developing-aspnet-apps-with-windows-azure-active-directory.md index a1d682c86295..6b8441214342 100644 --- a/aspnet/identity/overview/getting-started/developing-aspnet-apps-with-windows-azure-active-directory.md +++ b/aspnet/identity/overview/getting-started/developing-aspnet-apps-with-windows-azure-active-directory.md @@ -47,7 +47,7 @@ This tutorial will show you how to create an ASP.NET application that is configu ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image4.png) - Save the password, you will be required to change the password after the first log in. The following image shows the new admin account. You must use the Azure Active Directory to log into your app, not the Microsoft account also shown on this page. + Save the password, you will be required to change the password after the first log in. The following image shows the new admin account. You must use the Azure Active Directory to log into your app, not the Microsoft account also shown on this page. ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image5.png) @@ -60,11 +60,11 @@ The following steps use [Visual Studio Express 2013 for Web](https://www.microso ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image6.png) 3. On the **Change Authentication** dialog, select **Organizational Accounts**. These options can be used to automatically register your application with Azure AD as well as automatically configure your application to integrate with Azure AD. You don't have to use the **Change Authentication** dialog to register and configure your application, but it makes it much easier. If you are using Visual Studio 2012 for example, you can still manually register the application in the Azure Management Portal and update its configuration to integrate with Azure AD. - In the drop-down menus, select **Cloud - Single Organization** and **Single Sign On, Read directory data**. Enter the domain for your Azure AD directory, for example (in the images below) *aricka0yahoo.onmicrosoft.com*, and then click **OK**. You can get the domain name from the Domains tab for the Default Directory on the azure portal (see the next image down). + In the drop-down menus, select **Cloud - Single Organization** and **Single Sign On, Read directory data**. Enter the domain for your Azure AD directory, for example (in the images below) *aricka0yahoo.onmicrosoft.com*, and then click **OK**. You can get the domain name from the Domains tab for the Default Directory on the azure portal (see the next image down). ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image7.png) - The following image shows the domain name from the Azure portal. + The following image shows the domain name from the Azure portal. ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image8.png) @@ -89,11 +89,11 @@ The following steps use [Visual Studio Express 2013 for Web](https://www.microso ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image13.png) - If you get the error: - Value cannot be null or empty. Parameter name: linkText + If you get the error: + Value cannot be null or empty. Parameter name: linkText ![](developing-aspnet-apps-with-windows-azure-active-directory/_static/image14.png) - see the [debug](#dbg) section at the end of the tutorial. + see the [debug](#dbg) section at the end of the tutorial. ## Basics of the Graph API diff --git a/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity.md b/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity.md index e70f068cbbc5..5299744759c4 100644 --- a/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity.md +++ b/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity.md @@ -107,37 +107,37 @@ ASP.NET Identity is implemented using the following procedure. The purpose of th 2. The created project contains the following three packages for ASP.NET Identity. - [`Microsoft.AspNet.Identity.EntityFramework`](http://www.nuget.org/packages/Microsoft.AspNet.Identity.EntityFramework/) - This package has the Entity Framework implementation of ASP.NET Identity which will persist the ASP.NET Identity data and schema to SQL Server. + This package has the Entity Framework implementation of ASP.NET Identity which will persist the ASP.NET Identity data and schema to SQL Server. - [`Microsoft.AspNet.Identity.Core`](http://www.nuget.org/packages/Microsoft.AspNet.Identity.Core/) - This package has the core interfaces for ASP.NET Identity. This package can be used to write an implementation for ASP.NET Identity that targets different persistence stores such as Azure Table Storage, NoSQL databases etc. + This package has the core interfaces for ASP.NET Identity. This package can be used to write an implementation for ASP.NET Identity that targets different persistence stores such as Azure Table Storage, NoSQL databases etc. - [`Microsoft.AspNet.Identity.OWIN`](http://www.nuget.org/packages/Microsoft.AspNet.Identity.Owin/) - This package contains functionality that is used to plug in OWIN authentication with ASP.NET Identity in ASP.NET applications. This is used when you add log in functionality to your application and call into OWIN Cookie Authentication middleware to generate a cookie. + This package contains functionality that is used to plug in OWIN authentication with ASP.NET Identity in ASP.NET applications. This is used when you add log in functionality to your application and call into OWIN Cookie Authentication middleware to generate a cookie. 3. Creating a user. - Launch the application and then click on the **Register** link to create a user. The following image shows the Register page which collects the user name and password. + Launch the application and then click on the **Register** link to create a user. The following image shows the Register page which collects the user name and password. ![](introduction-to-aspnet-identity/_static/image2.png) - When the user clicks the **Register** button, the `Register` action of the Account controller creates the user by calling the ASP.NET Identity API, as highlighted below: + When the user clicks the **Register** button, the `Register` action of the Account controller creates the user by calling the ASP.NET Identity API, as highlighted below: [!code-csharp[Main](introduction-to-aspnet-identity/samples/sample1.cs?highlight=8-9)] 4. Log in. - If the user was successfully created, she is logged in by the `SignInAsync` method. + If the user was successfully created, she is logged in by the `SignInAsync` method. [!code-csharp[Main](introduction-to-aspnet-identity/samples/sample2.cs?highlight=12)] [!code-csharp[Main](introduction-to-aspnet-identity/samples/sample3.cs?highlight=5-6)] - The highlighted code above in the `SignInAsync` method generates a [ClaimsIdentity](https://msdn.microsoft.com/library/system.security.claims.claimsidentity.aspx). Since ASP.NET Identity and OWIN Cookie Authentication are claims-based system, the framework requires the app to generate a ClaimsIdentity for the user. ClaimsIdentity has information about all the claims for the user, such as what roles the user belongs to. You can also add more claims for the user at this stage. + The highlighted code above in the `SignInAsync` method generates a [ClaimsIdentity](https://msdn.microsoft.com/library/system.security.claims.claimsidentity.aspx). Since ASP.NET Identity and OWIN Cookie Authentication are claims-based system, the framework requires the app to generate a ClaimsIdentity for the user. ClaimsIdentity has information about all the claims for the user, such as what roles the user belongs to. You can also add more claims for the user at this stage. - The highlighted code below in the `SignInAsync` method signs in the user by using the AuthenticationManager from OWIN and calling `SignIn` and passing in the ClaimsIdentity. + The highlighted code below in the `SignInAsync` method signs in the user by using the AuthenticationManager from OWIN and calling `SignIn` and passing in the ClaimsIdentity. [!code-csharp[Main](introduction-to-aspnet-identity/samples/sample4.cs?highlight=8-11)] 5. Log off. - Clicking the **Log off** link calls the LogOff action in the account controller. + Clicking the **Log off** link calls the LogOff action in the account controller. [!code-csharp[Main](introduction-to-aspnet-identity/samples/sample5.cs?highlight=6)] - The highlighted code above shows the OWIN `AuthenticationManager.SignOut` method. This is analogous to [FormsAuthentication.SignOut](https://msdn.microsoft.com/library/system.web.security.formsauthentication.signout.aspx) method used by the [FormsAuthentication](https://msdn.microsoft.com/library/system.web.security.formsauthenticationmodule.aspx) module in Web Forms. + The highlighted code above shows the OWIN `AuthenticationManager.SignOut` method. This is analogous to [FormsAuthentication.SignOut](https://msdn.microsoft.com/library/system.web.security.formsauthentication.signout.aspx) method used by the [FormsAuthentication](https://msdn.microsoft.com/library/system.web.security.formsauthenticationmodule.aspx) module in Web Forms. ## Components of ASP.NET Identity diff --git a/aspnet/identity/overview/migrations/migrating-an-existing-website-from-sql-membership-to-aspnet-identity.md b/aspnet/identity/overview/migrations/migrating-an-existing-website-from-sql-membership-to-aspnet-identity.md index 89c63977b430..ddbfe74c5987 100644 --- a/aspnet/identity/overview/migrations/migrating-an-existing-website-from-sql-membership-to-aspnet-identity.md +++ b/aspnet/identity/overview/migrations/migrating-an-existing-website-from-sql-membership-to-aspnet-identity.md @@ -62,14 +62,14 @@ For this tutorial, we will take a web application template (Web Forms) created u 1. In Solution Explorer, right-click the project > **Manage NuGet Packages**. In the search box, enter "Asp.net Identity". Select the package in the list of results and click install. Accept the license agreement by clicking on "I Accept" button. Note that this package will install the dependency packages: EntityFramework and Microsoft ASP.NET Identity Core. Similarly install the following packages (skip the last 4 OWIN packages if you don't want to enable OAuth log-in): - - Microsoft.AspNet.Identity.Owin - - Microsoft.Owin.Host.SystemWeb - - Microsoft.Owin.Security.Facebook - - Microsoft.Owin.Security.Google - - Microsoft.Owin.Security.MicrosoftAccount - - Microsoft.Owin.Security.Twitter - - ![](migrating-an-existing-website-from-sql-membership-to-aspnet-identity/_static/image6.png) + - Microsoft.AspNet.Identity.Owin + - Microsoft.Owin.Host.SystemWeb + - Microsoft.Owin.Security.Facebook + - Microsoft.Owin.Security.Google + - Microsoft.Owin.Security.MicrosoftAccount + - Microsoft.Owin.Security.Twitter + + ![](migrating-an-existing-website-from-sql-membership-to-aspnet-identity/_static/image6.png) ### Migrate database to the new Identity system diff --git a/aspnet/identity/overview/migrations/migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity.md b/aspnet/identity/overview/migrations/migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity.md index 99cc30c32ebb..68f90e4d1031 100644 --- a/aspnet/identity/overview/migrations/migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity.md +++ b/aspnet/identity/overview/migrations/migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity.md @@ -56,11 +56,11 @@ After migrating the application to use the new ASP.NET Identity system, the prof [!code-html[Main](migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity/samples/sample3.html)] - Add the following code in the code behind: + Add the following code in the code behind: [!code-csharp[Main](migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity/samples/sample4.cs)] - Add the namespace under which AppProfile class is defined to remove the compilation errors. + Add the namespace under which AppProfile class is defined to remove the compilation errors. 6. Run the app and create a new user with username '**olduser'.** Navigate to the 'AddProfileData' page and add profile information for the user. ![](migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity/_static/image2.png) @@ -92,12 +92,12 @@ Paste the SQL script from [https://raw.github.com/suhasj/UniversalProviders-Iden - Microsoft.Owin.Security.MicrosoftAccount - Microsoft.Owin.Security.Twitter - More information on managing Nuget packages can be found [here](http://docs.nuget.org/docs/start-here/Managing-NuGet-Packages-Using-The-Dialog) + More information on managing Nuget packages can be found [here](http://docs.nuget.org/docs/start-here/Managing-NuGet-Packages-Using-The-Dialog) 2. To work with existing data in the table, we need to create model classes which map back to the tables and hook them up in the Identity system. As part of the Identity contract, the model classes should either implement the interfaces defined in the Identity.Core dll or can extend the existing implementation of these interfaces available in Microsoft.AspNet.Identity.EntityFramework. We will be using the existing classes for role, user logins and user claims. We need to use a custom user for our sample. Right click on the project and create new folder 'IdentityModels'. Add a new 'User' class as shown below: [!code-csharp[Main](migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity/samples/sample5.cs)] - Notice that the 'ProfileInfo' is now a property on the user class. Hence we can use the user class to directly work with profile data. + Notice that the 'ProfileInfo' is now a property on the user class. Hence we can use the user class to directly work with profile data. Copy the files in the **IdentityModels** and **IdentityAccount** folders from the download source ( [https://github.com/suhasj/UniversalProviders-Identity-Migrations/tree/master/UniversalProviders-Identity-Migrations](https://github.com/suhasj/UniversalProviders-Identity-Migrations/tree/master/UniversalProviders-Identity-Migrations) ). These have the remaining model classes and the new pages needed for user and role management using the ASP.NET Identity APIs. The approach used is similar to the SQL Membership and the detailed explanation can be found [here](migrating-an-existing-website-from-sql-membership-to-aspnet-identity.md). @@ -113,7 +113,7 @@ As mentioned earlier, we need to deserialize the xml data in the Profiles tables [!code-csharp[Main](migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity/samples/sample6.cs)] - Some of the models used are defined in the 'IdentityModels' folder of the web application project, so you must include the corresponding namespaces. + Some of the models used are defined in the 'IdentityModels' folder of the web application project, so you must include the corresponding namespaces. 5. The above code works on the database file in the App\_Data folder of the web application project created in the previous steps. To reference that, update the connection string in the app.config file of the console application with the connection string in the web.config of the web application. Also provide the complete physical path in the 'AttachDbFilename' property. 6. Open a command prompt and navigate to the bin folder of the above console application. Run the executable and review the log output as shown in the following image. ![](migrating-universal-provider-data-for-membership-and-user-profiles-to-aspnet-identity/_static/image3.jpg) diff --git a/aspnet/index.md b/aspnet/index.md index 550c14640d7c..1fae6b79458a 100644 --- a/aspnet/index.md +++ b/aspnet/index.md @@ -19,8 +19,8 @@ description:

ASP.NET Core is a new open-source and cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.

-

Learn the benefits of both ASP.NET Core and ASP.NET - and choose the one that's right for you.

+

[Learn the benefits of both ASP.NET Core and ASP.NET](https://docs.microsoft.com/aspnet/core/choose-aspnet-framework) + and choose the one that's right for you.

  • @@ -152,7 +152,7 @@ description: