In the previous chapter, we gave serious consideration to the transport layer solutions for ensuring secure connections. With that knowledge, we'll be spending this chapter exploring the kinds of host-to-host interactions that demand that transport-level security. We'll be taking a step back up the tiers of the network stack, into the application layer, to look at how authentication and authorization is handled in .NET Core. We'll look at the various standards supported by the authorization header of HTTP. Then, we'll look at some widely used and widely supported open source tools for authentication. Finally, we'll look at how to manage access control within a C# application.
The following topics will be covered in this chapter:
- The various authentication schemes supported by valid authorization header values...