-
- [x] Swagger configuration
- [x] JWT for protected endpoints
-
We need to document how to configure the workflow server (ASP.NET Core) with authentication middleware and securing the Elsa API controllers and how to configure the dashboard with a plugin to send ac…
-
## Summary
Support client certificates as a method to identify the relay to RPC/gRPC/Websocket endpoints. This improved system security and stability by allowing the usage of private RPC endpoints …
-
Spring Security 5.8/6 supports delaying the lookup of the `SecurityContext` until an authorization rule requires it.
As such, it's preferred to use `authorizeHttpRequests#permitAll` over `web.igno…
-
## 🐛 Bug
Our custom `ProtectedRequestUserChecker` class adds an extra layer to the Laratrust `isAbleTo` check. If a permission would require any role besides Applicant or Base roles, it fails unles…
-
**Which version of Duende IdentityServer are you using?**
6.2.5
6.3.10
7.0.8
**Which version of .NET are you using?**
.net 6.0.36
.net 8.0.404
**Describe the bug**
We use the Razor Pages in `/Pages/…
-
Veracode Software Composition Analysis
===============================
Attribute | Details
| --- | --- |
Library | Spring Web
Description | Spring Web
Language | JAVA
Vulnerability | R…
-
### What problem are you trying to solve?
I want "protected enclaves" where the JS code accessed via HTTP requests are only accessible within my company's VPC so that malicious external entities cann…
-
- 初期迭代可使用简单的AuthN, e.g. token.
-
So I took this demo code from https://demos.blazorbootstrap.com/form/time-input#validations and ran it, it works as expected. If I wrap the EditForm with AuthorizeView tags with a custom Policy, I ge…