ASP.NET Web API Ready State (4/2017)

I need to record my personal satisfaction with ASP.NET Web API ‘readiness’ (as in battle-ready state), after about four years of working toward this feeling. The trigger for this emotional outburst came with understanding how claims-based security can be used with ASP/NET Web API. Now I can make a little list of highlights for this ready state:

• Using claims-based authentication to ‘spawn’ a generic/shared user without LDAP or AD
• Sharing routes among services with an abstract ApiController class
• Moving legacy databases to SQL Azure
• Automated testing of API controllers with OWIN
• Using the EnableCors attribute to support Cross-Origin Resource Sharing
• Leveraging JObject with Web API
• Extending DefaultContractResolver to handle circular references in data access models
• Building a JObject Repository to back an API (with Autofac)
• IHttpActionResult, attribute-based routing and other ‘basics’
• My use of ‘business domain’ (*.Foo.Models => *.Foo.ModelContext and/or *.Foo.Models => *.Foo.Repository) namespaces for data access (with Autofac).

And now the punchline: All of these learnings have to migrated to ASP.NET Core. Before this great migration, I will need to write notes about each of these items to preserve my progress in these areas and prevent relearning-bottlenecks in future.

Related Links

• “An Introduction to Claims”
• “Raffaele Rialdi on Security in ASP.NET Core”

https://github.com/BryanWilhite/