Profile

Cover photo
Ivan Fioravanti
Worked at 4ward
33,449 views
AboutPostsPhotosYouTube

Stream

Ivan Fioravanti

Discussion  - 
 
Hi,
Is there available a Microsoft Account provider for ServiceStack? I've a customer wanting to use Microsoft accounts for authentication. Thanks.
1
Ivan Fioravanti's profile photoDemis Bellot's profile photo
3 comments
 
ok cool, there's isn't one built-in, hopefully it's just a matter of being able to copy and customize an existing OAuth2 provider like:
https://github.com/ServiceStack/ServiceStack/blob/master/src/ServiceStack.Authentication.OAuth2/GoogleOAuth2Provider.cs

Wont have time to look at it myself before this release, but if you add it on http://servicestack.uservoice.com/forums/176786-feature-requests so I don't forget, I can look into it when I get some free time.
Add a comment...

Ivan Fioravanti

Discussion  - 
 
Hi Demis,
is there a way in ServiceStack to  slide session expiration? I've seen the solution suggested here: http://stackoverflow.com/questions/14857921/how-to-advance-the-session-timeout-in-servicestack but I was wondering if there is something built-in in the recent releases.
1
Ivan Fioravanti's profile photoDemis Bellot's profile photo
3 comments
 
yep IMO that's the best approach. Note you can get the session cache key with:

var sessionKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
Add a comment...

Ivan Fioravanti

Discussion  - 
 
I'd like to implement JSON Vulnerability Protection for angularjs as described in https://docs.angularjs.org/api/ng/service/$http 

Simply adding ")]}',\n" in front of JSON response.

What is the best solution to achieve this result? Is this really needed?
The $http service is a core Angular service that facilitates communication with the remote HTTP servers via the browser's XMLHttpRequest object or via JSONP. For unit testing applications that use $http service, see $httpBackend mock. For a higher level of abstraction, please check out the ...
1
Demis Bellot's profile photoJezz Santos's profile photoIvan Fioravanti's profile photo
5 comments
 
Hi Jeff, it is explained very well here: http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx/

to make it short you have to be sure that response of your service is an invalid javascript statement
Add a comment...

Ivan Fioravanti

Discussion  - 
 
We're facing an issue with HasRole method returning false using Redis as ICacheClient and we're going crazy with this one.

Everything works properly with InMemoryCache. We are using a CustomUserSession, with MongoDB as IUserAuthRepository. 

Any clues?
1
Ivan Fioravanti's profile photoDemis Bellot's profile photo
7 comments
 
Still works in test integration project, I've added some test Session services using Redis CacheClient in this commit: https://github.com/ServiceStack/Test/commit/d55f132aeb7a0d069994e93a7b9891f7593b99c1

Everything seems to be working fine:
Url to get the session is:
http://test.servicestack.net/session
Url to login:
http://test.servicestack.net/login
Url to edit session:
http://test.servicestack.net/session/edit/ANYTEXT
Add a comment...

Ivan Fioravanti

Shared publicly  - 
 
Bella!
 
Social Network a confronto - Social Media comparison

Un interessante infografica che racchiude le principali differenze tra i migliori social network in circolazione.

Fonte: leveragenewagemedia.com/blog

#socialmedia #socialnetwork #Facebook #twitter #googleplus #instagram #pinterest #linkedin

 ·  Translate
1
Add a comment...

Ivan Fioravanti

Shared publicly  - 
 
 
Mi piacciono un sacco le pubblicità della Hoover.
Anche questa merita, l'avete capita al primo sguardo?

#advertising   #guerrillamarketing   #hoover  
 ·  Translate
1
Add a comment...

Ivan Fioravanti

Discussion  - 
 
I need to perform authentication and authorization in ServiceStack using a custom OAuth 2 server. Any hint on how to deal with this?
1
1
Demis Bellot's profile photoJezz Santos's profile photo
13 comments
 
Yep, inMem should be easily done. Will look at OrmLite as alternative if needed
Add a comment...

Ivan Fioravanti

Shared publicly  - 
 
Always forward :)
1
Add a comment...

Ivan Fioravanti

Discussion  - 
 
Is there a plan to add SSL support to Redis Client? I really need it to connect to Azure Redis Cache.
1
Ivan Fioravanti's profile photoDemis Bellot's profile photo
3 comments
 
Doesn't Azure protects services via firewall already like AWS Security Groups? i.e. so only your App Server or dev server allows a physical connection to the redis server?
You can record your interest to vote up this feature request: http://servicestack.uservoice.com/forums/176786-feature-requests/suggestions/6093693-support-ssl-connection-to-redis-instances-hosted-a - I'll look into possible solutions soon. 
Add a comment...

Ivan Fioravanti

Discussion  - 
 
Today we've updated our project to v4.0.30 and we're facing issues with our Locked account logic. We had overridden the AssertNotLocked method in our custom provider, but now in last release locked out logic is "hardcoded" in ValidateAccount method:
" var isLocked = userAuth.LockedDate != null;
            if (isLocked)
            {
                return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccountLocked"));
            }"

Why this? Can't ValidateAccount still call the AssertotLocked method in order to being able to override its logic without having to override the whole ValidateAccount method?

Thanks
1
Ivan Fioravanti's profile photoDemis Bellot's profile photo
3 comments
 
Hey Ivan, I've made the suggested change in this commit: https://github.com/ServiceStack/ServiceStack/commit/8177265e5f77c73291bf745fb2865098bb6d4dc2
Which has now been deployed to MyGet: https://github.com/ServiceStack/ServiceStack/wiki/MyGet
v4.0.31 is expected to be on NuGet early next week.
Add a comment...

Ivan Fioravanti

Discussion  - 
 
I need to use Microsoft Azure Active Directory for authentication in a project. Is this supported in ServiceStack? If not, is it planned for a future release? Some customers are starting to ask us integration with Azure AD.
1
Demis Bellot's profile photoMark Chipman's profile photoIvan Fioravanti's profile photo
5 comments
 
Yes it helps! Thanks a lot!
Add a comment...
Basic Information
Gender
Male
Work
Occupation
CTO 4ward
Employment
  • 4ward
Links