Click here to Skip to main content
13,453,725 members (44,807 online)

Dominic Burford - Professional Profile



Follow on Twitter Google+ LinkedIn      Blog RSS
I am a professional software engineer and architect with over eighteen years commercial development experience with a strong focus on the design and development of web and mobile applications.

I have experience of architecting scalable, distributed, high volume web applications that are accessible from multiple devices due to their responsive web design, including architecting enterprise service-oriented solutions. I have also developed enterprise mobile applications using Xamarin and Telerik Platform.

I have extensive experience using .NET, ASP.NET, Windows and Web Services, WCF, SQL Server, LINQ and other Microsoft technologies. I am also familiar with HTML, Bootstrap, Javascript (inc. JQuery and Node.js), CSS, XML, JSON, Apache Cordova, KendoUI and many other web and mobile related technologies.

I am enthusiastic about Continuous Integration, Continuous Delivery and Application Life-cycle Management having configured such environments using CruiseControl.NET, TeamCity and Team Foundation Services. I enjoy working in Agile and Test Driven Development (TDD) environments.

Outside of work I have two beautiful daughters. I enjoy cycling, running and taking the dog for long walks. I love listening to music and am a fan of Rush and the Red Hot Chilli Peppers to name a few.



For more information on Reputation please see the FAQ.


Members need to achieve at least one of the given member levels in the given reputation categories in order to perform a given action. For example, to store personal files in your account area you will need to achieve Platinum level in either the Author or Authority category. The "If Owner" column means that owners of an item automatically have the privilege. The member types column lists member types who gain the privilege regardless of their reputation level.

ActionAuthorAuthorityDebatorEditorEnquirerOrganiserParticipantIf OwnerMember Types
Have no restrictions on voting frequencysilversilversilversilverAdmin
Bypass spam checks when posting contentsilversilversilversilversilversilversilverSitebuilder, Subeditor, Mentor, Protector, Editor, Staff, Admin
Store personal files in your account areaplatinumplatinumSitebuilder, Subeditor, Supporter, Editor, Staff
Have live hyperlinks in your profilebronzebronzebronzebronzebronzebronzesilverSubeditor, Protector, Editor, Staff, Admin
Have the ability to include a biography in your profilebronzebronzebronzebronzebronzebronzesilverSubeditor, Protector, Editor, Staff, Admin
Edit a Question in Q&AsilversilversilversilverYesSubeditor, Protector, Editor, Admin
Edit an Answer in Q&AsilversilversilversilverYesSubeditor, Protector, Editor, Admin
Delete a Question in Q&AYesSubeditor, Protector, Editor, Admin
Delete an Answer in Q&AYesSubeditor, Protector, Editor, Admin
Report an ArticlesilversilversilversilverSubeditor, Mentor, Protector, Editor, Staff, Admin
Approve/Disapprove a pending ArticlegoldgoldgoldgoldSubeditor, Mentor, Protector, Editor, Staff, Admin
Edit other members' articlesSubeditor, Protector, Editor, Admin
Create an article without requiring moderationplatinumSubeditor, Mentor, Protector, Editor, Staff, Admin
Approve/Disapprove a pending QuestionProtector, Admin
Approve/Disapprove a pending AnswerProtector, Admin
Report a forum messagesilversilverbronzeProtector, Editor, Admin
Approve/Disapprove a pending Forum MessageProtector, Admin
Create a new tagsilversilversilversilverAdmin
Modify a tagsilversilversilversilverAdmin

Actions with a green tick can be performed by this member.

GeneralSerializing .NET types that contain DateTime Pin
Dominic Burford22-Jan-17 18:53
professionalDominic Burford22-Jan-17 18:53 
GeneralClearing the Dead Letter Queue on an Azure Service Bus Queue Pin
Dominic Burford16-Jan-17 8:57
professionalDominic Burford16-Jan-17 8:57 
GeneralMigrating ASP.NET Web API services to the Azure platform Pin
Dominic Burford10-Jan-17 2:45
professionalDominic Burford10-Jan-17 2:45 
GeneralProcessing Azure Service Bus messages using an Azure Function Pin
Dominic Burford4-Jan-17 9:10
professionalDominic Burford4-Jan-17 9:10 
GeneralThe Structure of an Azure Service Bus message Pin
Dominic Burford30-Dec-16 3:11
professionalDominic Burford30-Dec-16 3:11 
GeneralMy Introduction into Service Bus Architecture Pin
Dominic Burford21-Dec-16 6:40
professionalDominic Burford21-Dec-16 6:40 
GeneralAdding resilience to your services by implementng a retry pattern Pin
Dominic Burford19-Dec-16 1:10
professionalDominic Burford19-Dec-16 1:10 
GeneralAuthenticating Web API services with JSON Web Token Pin
Dominic Burford13-Dec-16 2:26
professionalDominic Burford13-Dec-16 2:26 
When I first began looking into how to authenticate calls made to our ASP.NET Web API services, I began by looking at what Azure could offer in the first instance as that is where the services are hosted. Azure offers many different authentication providers including Azure Active Directory, Microsoft accounts and social integrations such as Facebook, Twitter and Google accounts.

I wanted an authentication provider that was programming language agnostic as we would be invoking the services from a C# and Javascript client applications initially. It also needed to be possible for external partners to consume our services if necessary, in which case we had no control over the client application whatsoever.

I decided on using JSON Web Token[^] (JWT) as it fits with these requirements very well. You have a JSON structure which contains your claims (username, email and so on) which is then encoded into a string. This encoded string is then passed from the client application to the ASP.NET Web API services for authentication. The service then decodes the string and asserts the claims contained within. The JWT can be passed as a querystring parameter, as POST data or as an HTTP request header parameter. I decided that passing the JWT as an Authorization HTTP request header would be the ideal choice for our requirements as it is a standard HTTP header parameter.

The way it has been configured is that we have an Azure SQL table that contains a list of clients. Each client has a private key which is in fact a GUID. This private key is used to encode / decode the JSON Web Token. Although we could easily pass the private key with the HTTP request, I have decided that it is more secure to simply look up the private key instead, thus negating the need to pass the private key with each request. Each request contains the client name instead, from which we can perform a lookup of the private key. We then use this private key to decode the token.

Each call to one of our ASP.NET Web API services must contain an Authorization HTTP request header. This header must be composed of the client name and their JSON Web Token string. I have written code that extracts this information from the request and authenticates it. The authentication code is part of our base controller class so that it can be easily re-used by all our services. If authentication passes then the Web API service request is processed as normal. If authentication fails then an appropriate HTTP response is returned in addition to the logging information that is captured to later diagnose why authentication failed.

To make testing authentication easier I have implemented an authentication controller that will enable client applications to test the authentication in isolation without having to actually make any actual requests to our services.

JSON Web Token is a very lightweight, simple and flexible authentication protocol that is supported on many different programming languages. If implementing external facing services where you have no control over the client application then it's a perfect choice.
"There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult." - C.A.R. Hoare

Home | LinkedIn | Google+ | Twitter

GeneralDeploying to Azure with Team Foundation Server 2015 Pin
Dominic Burford9-Dec-16 2:29
professionalDominic Burford9-Dec-16 2:29 
GeneralCatch me over on Medium for my latest blog posts Pin
Dominic Burford7-Dec-16 1:15
professionalDominic Burford7-Dec-16 1:15 
GeneralWeb application metrics with Application Insight Pin
Dominic Burford25-Nov-16 10:03
professionalDominic Burford25-Nov-16 10:03 
GeneralHow to Pick Your Battles on a Software Team Pin
Dominic Burford16-Nov-16 2:33
professionalDominic Burford16-Nov-16 2:33 
GeneralComplete 360 Testing Pin
Dominic Burford27-Oct-16 2:49
professionalDominic Burford27-Oct-16 2:49 
GeneralCompleted the ASP.NET Web API build pipeline Pin
Dominic Burford24-Oct-16 1:18
professionalDominic Burford24-Oct-16 1:18 
GeneralOne code-base for all mobile platforms is a pipe dream Pin
Dominic Burford12-Oct-16 18:42
professionalDominic Burford12-Oct-16 18:42 
GeneralRe: One code-base for all mobile platforms is a pipe dream Pin
Member 1280340119-Oct-16 9:29
memberMember 1280340119-Oct-16 9:29 
GeneralRe: One code-base for all mobile platforms is a pipe dream Pin
Dominic Burford19-Oct-16 21:26
professionalDominic Burford19-Oct-16 21:26 
GeneralOur apps have gone live Pin
Dominic Burford11-Oct-16 18:54
professionalDominic Burford11-Oct-16 18:54 
GeneralFive truths about software development Part IV Pin
Dominic Burford13-Sep-16 2:44
professionalDominic Burford13-Sep-16 2:44 
GeneralIsolating unit tests using Dependency Injection Pin
Dominic Burford11-Aug-16 22:01
professionalDominic Burford11-Aug-16 22:01 
GeneralCould this function be unit tested without modifying it? Pin
Dominic Burford4-Aug-16 1:41
professionalDominic Burford4-Aug-16 1:41 
GeneralRe: Could this function be unit tested without modifying it? Pin
Dominic Burford5-Aug-16 0:24
professionalDominic Burford5-Aug-16 0:24 
GeneralTeam Foundation Services 2015 build tools Pin
Dominic Burford12-Jul-16 9:27
professionalDominic Burford12-Jul-16 9:27 
GeneralMy first app using Telerik Platform Pin
Dominic Burford8-Jul-16 2:23
professionalDominic Burford8-Jul-16 2:23 
GeneralHaving a Mobile Strategy Pin
Dominic Burford5-Jul-16 1:23
professionalDominic Burford5-Jul-16 1:23 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Advertise | Privacy |
Web01-2016 | 2.8.180318.3 | Last Updated 21 Mar 2018
Copyright © CodeProject, 1999-2018
All Rights Reserved. Terms of Service
Layout: fixed | fluid