Part 3: Adding Basic Authentication to Asp.Net Core the right way

This blog is all about adding Basic Authentication to Asp.Net Core.

Warning: Although implementing Basic Authentication seems easy, it brings a vulnerability to your site! names and passwords provided are sent over the internet unencrypted. This means: the authentication method does not hide the name and password for hackers. You have to encrypt the communication yourself! Therefore, always combine Basic Authentication with SSL, also known as HTTPS.

In the past, I have written my own simple Basic Authentication NuGet package. It’s still ok for simple classic Asp.Net MVC projects.

But I want to use Basic Authentication In Asp.Net Core. Instead of (re)writing my own NuGet package, I checked out the NuGet store and found a nice solution.

This NuGet package provides me the flexibility to add Basic Authentication to my (test) projects.

In this blog, we will see what we have to do to get it running. And we will see how we can beef up the security by using HTTPS.

Continue reading “Part 3: Adding Basic Authentication to Asp.Net Core the right way”