Theme: .NET is recognized as a compelling framework for building cloud native apps

[samsp-msft]

Today, .NET is seen as a stack for enterprises building LOB applications. “.NET is for people who work at banks” is not uncommon feedback in our customer interviews. We plan to change that by building great fundamentals and investing in OSS ecosystems that give us a platform to reach new customer bases. At the same time our existing enterprise customers want to become more Cloud Native, and we need to flatten the learning curve and barriers to adoption.

Scenario Areas

• Improve development experience for multi-app solutions
• .NET Apps can depend on containers in Dev
• Epic: Ship an extensible/customizable reverse proxy performant enough for cloud scale workloads microsoft/reverse-proxy#480
• Provide an API experience that scales down well and is easier to learn aspnetcore#27724
• Libraries to interop with common cloud native components/services
• .NET can effectively scale with orchestrator configurations  #5443
• .NET developers can use common Cloud Native OSS #5424
• .NET apps work well in constrained environments #5434
• .NET applications are observable and easily diagnosable #5929
• Improve data access performance efcore#24110

Related Epics

• [Epic] ASP.NET Performance goals for .NET 6.0 aspnetcore#27226

[danmoseley]

@glennc I added the Metrics story.

[veikkoeeva]

I would like to suggest adding a distroless distribution also. See:

• Suggestion: Different approach for distroless .NET Core GoogleContainerTools/distroless#512
• https://michaeldimoudis.medium.com/hardening-asp-net-core-3-1-docker-images-f0c2ede1667f

I am thinking specifically a hardened image, but size and performance are likely improved also.

[papyr]

Feature Request: Drop-in component for ASP Identity Administration, Portals, UI, SSO, Claims, AD-Sync, Token, Multi.Tenant Management so that the Visual Studio templates don't require commercial licensed 3rd party components.

I have been watching/waiting few yrs. patiently, however some recent changes have forced me to request -- Microsoft revisit this for their developer community, keeping in mind some of the pricing out there compares to the salaries of 10 to 15 developers in Bangladesh, Vietnam, India, Philippines etc.

Its a Core & Basic need, yet very complex and critical for the developer, with security risks.

There's a void in .NET native drop-in solution, unlike the Java, PHP Stacks etc, where there are many native drop in Identity Administration & Management Frameworks options that are leveraged across all their platforms seamlessly by developers, for e.g. the J2EE Pluggable Identity Management Framework or JSR 168 or JSR 286 or JSR-351 or JSR-375.

Why is this important? because using Java or PHP, it has allowed easy, clear, core and basic functionalities in those native stacks. As a result if you look JSR 168 or JSR 286 or JSR-351 or JSR-375 Multi-tenants, Group to roles, or to claims vice versa is so easy vs. NET , mobile devices, portals, they all work seamlessly and cohesively with security fixes managed by either IBM or SalesForce or Oracle or Red Hat etc. This is enables developer to be productive right out of the gate.

In .Net there is void/very limited support, always requiring a combination of 3rd parties as a barrier to entry & adoption of ASP app. This is non-trivial for developers and security vulnerability that requires the attention of Microsoft Experts.

Example: We have private information sharing site non OSS for the community almost free (pay if you want), and when we started with web forms, then Simple Membership, the Identity, Identity 2 ASP MVC we had implement much of it on top of these from scratch, when we moved to .NET Core it was another effort. Besides the development there was a lot of confusion on the internal concepts and how they now meant new things. Roles, Claims, Federation, SAML then SAML 2.0 and then Open ID 2.

Describe the solution you'd like

1. In-house (Microsoft made) -- A drop-in is extensible solution that supports ASP MVC Identity eco-system, Administration, GUI, SSO, Token, Multi-tenant Management, independent of 3rd party companies and Identity Servers

2. A configuration section to turn on-off the various features.
   

3. Embedded into VS Templates (remove Identity Server, use native MS option etc.)
   

4. Allow-Easy AD Active Directory Integration
   

5. Web page to Create User Defined/Created Fields UDF - dynamic fields in web apps from the web page.
6. SAML2/CAS
7. Allow template option Configuration.MultiTenancy.IsEnabled = true; Global DataFilter for Tenant entities
8. C# ML Streaming & detect events or video Support for e.g. from Kafka
9. Dashboard platform with Widgets and settings
10. Dynamically creating and adding components. Angular ComponentFactoryResolver alternative.
11. Provide a built-in or otherwise framework supplied mechanism for View Components, when rendered via a tag helper, to render user-supplied child content that can be injected into the View Component's view template in pre-defined locations

Its high time MS address this core gate-keeping features specifically authorization, groups, roles security!!

[mairaw]

Bulk closing .NET 6 epics and user stories. If you think this issue was closed in error, please reopen the issue and update it accordingly.