Badrinarayanan Lakshmiraghavan - Pro ASP.NET Web API Security: Securing ASP.NET Web API
Here you can read online Badrinarayanan Lakshmiraghavan - Pro ASP.NET Web API Security: Securing ASP.NET Web API full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2013, publisher: Apress, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Pro ASP.NET Web API Security: Securing ASP.NET Web API
- Author:
- Publisher:Apress
- Genre:
- Year:2013
- Rating:3 / 5
- Favourites:Add to favourites
- Your mark:
Pro ASP.NET Web API Security: Securing ASP.NET Web API: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Pro ASP.NET Web API Security: Securing ASP.NET Web API" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP.
With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols youre familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with.
Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.
- Identity management and cryptography
- HTTP basic and digest authentication and Windows authentication
- HTTP advanced concepts such as web caching, ETag, and CORS
- Ownership factors of API keys, client X.509 certificates, and SAML tokens
- Simple Web Token (SWT) and signed and encrypted JSON Web Token (JWT)
- OAuth 2.0 from the ground up using JWT as the bearer token
- OAuth 2.0 authorization codes and implicit grants using DotNetOpenAuth
- Two-factor authentication using Google Authenticator
- OWASP Top Ten risks for 2013
No prior experience of .NET security is needed to read this book. All security related concepts will be introduced from first-principles and developed to the point where you can use them confidently in a professional environment. A good working knowledge of and experience with C# and the .NET framework are the only prerequisites to benefit from this book.
Table of Contents- Welcome to ASP.NET Web API
- Building RESTful Services
- Extensibility Points
- HTTP Anatomy and Security
- Identity Management
- Encryption and Signing
- Custom STS through WIF
- Knowledge Factors
- Ownership Factors
- Web Tokens
- OAuth 2.0 Using Live Connect API
- OAuth 2.0 From the Ground Up
- OAuth 2.0 Using DotNetOpenAuth
- Two-Factor Authentication
- Security Vulnerabilities
- Appendix: ASP.NET Web API Security Distilled
Badrinarayanan Lakshmiraghavan: author's other books
Who wrote Pro ASP.NET Web API Security: Securing ASP.NET Web API? Find out the surname, the name of the author of the book and a list of all author's works by series.
Pro ASP.NET Web API Security: Securing ASP.NET Web API — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Pro ASP.NET Web API Security: Securing ASP.NET Web API" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Pro ASP.NET Web API Security
Securing ASP.NET Web API
Badrinarayanan Lakshmiraghavan
Pro ASP.NET Web API Security
Copyright 2013 by Badrinarayanan Lakshmiraghavan
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the materialis concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publishers location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.
ISBN-13 (pbk): 978-1-4302-5782-0
ISBN-13 (electronic): 978-1-4302-5783-7
Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.
The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.
President and Publisher: Paul Manning
Lead Editor: Ewan Buckingham
Developmental Editor: Barbara McGuire
Technical Reviewer: Fabio Claudio Ferracchiati
Editorial Board: Steve Anglin, Mark Beckner, Ewan Buckingham, Gary Cornell, Louise Corrigan, Morgan Ertel, Jonathan Gennick, Jonathan Hassell, Robert Hutchinson, Michelle Lowman, James Markham, Matthew Moodie, Jeff Olson, Jeffrey Pepper, Douglas Pundick, Ben Renow-Clarke, Dominic Shakeshaft, Gwenan Spearing, Matt Wade, Tom Welsh
Coordinating Editor: Mark Powers
Copy Editor: Teresa Horton
Compositor: SPi Global
Indexer: SPi Global
Artist: SPi Global
Cover Designer: Anna Ishchenko
Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail orders-ny@springer-sbm.com , or visit www.springeronline.com . Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.
For information on translations, please e-mail rights@apress.com , or visit www.apress.com .
Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional use. eBook versions and licenses are also available for most titles. For more information, reference our Special Bulk SaleseBook Licensing web page at www.apress.com/bulk-sales .
Any source code or other supplementary materials referenced by the author in this text is available to readers at www.apress.com/9781430257820 . For detailed information about how to locate your books source code, go to www.apress.com/source-code/ .
To Him, who is able to be both larger than the largest and smaller than the smallest.
To my mother and father.
Contents at a Glance
Contents
Download from Wow! eBook
Foreword
Everybody who knows me also knows that identity and access control in distributed applications are very near and dear to my heart. Having spent many years in the WS* security space (or WS-Deathstar as many called it), I was happy to see that Microsoft finally built a web service framework that really embraces HTTP instead of abstracting it away.
It is also fair to say that the web API idea has taken the world (and its developers) by storm. Even if the technology is not really new, having such capabilities in a mainstream framework like .NET makes adoption really easy. In the short period of time since its first release, it has gained a lot of traction.
Next pageFont size:
Interval:
Bookmark:
Similar books «Pro ASP.NET Web API Security: Securing ASP.NET Web API»
Look at similar books to Pro ASP.NET Web API Security: Securing ASP.NET Web API. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Pro ASP.NET Web API Security: Securing ASP.NET Web API and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.