• Complain

Badrinarayanan Lakshmiraghavan - Pro ASP.NET Web API Security: Securing ASP.NET Web API

Here you can read online Badrinarayanan Lakshmiraghavan - Pro ASP.NET Web API Security: Securing ASP.NET Web API full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2013, publisher: Apress, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Badrinarayanan Lakshmiraghavan Pro ASP.NET Web API Security: Securing ASP.NET Web API

Pro ASP.NET Web API Security: Securing ASP.NET Web API: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Pro ASP.NET Web API Security: Securing ASP.NET Web API" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP.
With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols youre familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with.
Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.

What youll learn
  • Identity management and cryptography
  • HTTP basic and digest authentication and Windows authentication
  • HTTP advanced concepts such as web caching, ETag, and CORS
  • Ownership factors of API keys, client X.509 certificates, and SAML tokens
  • Simple Web Token (SWT) and signed and encrypted JSON Web Token (JWT)
  • OAuth 2.0 from the ground up using JWT as the bearer token
  • OAuth 2.0 authorization codes and implicit grants using DotNetOpenAuth
  • Two-factor authentication using Google Authenticator
  • OWASP Top Ten risks for 2013
Who this book is for

No prior experience of .NET security is needed to read this book. All security related concepts will be introduced from first-principles and developed to the point where you can use them confidently in a professional environment. A good working knowledge of and experience with C# and the .NET framework are the only prerequisites to benefit from this book.

Table of Contents
  1. Welcome to ASP.NET Web API
  2. Building RESTful Services
  3. Extensibility Points
  4. HTTP Anatomy and Security
  5. Identity Management
  6. Encryption and Signing
  7. Custom STS through WIF
  8. Knowledge Factors
  9. Ownership Factors
  10. Web Tokens
  11. OAuth 2.0 Using Live Connect API
  12. OAuth 2.0 From the Ground Up
  13. OAuth 2.0 Using DotNetOpenAuth
  14. Two-Factor Authentication
  15. Security Vulnerabilities
  16. Appendix: ASP.NET Web API Security Distilled

Badrinarayanan Lakshmiraghavan: author's other books


Who wrote Pro ASP.NET Web API Security: Securing ASP.NET Web API? Find out the surname, the name of the author of the book and a list of all author's works by series.

Pro ASP.NET Web API Security: Securing ASP.NET Web API — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Pro ASP.NET Web API Security: Securing ASP.NET Web API" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make

Pro ASPNET Web API Security Securing ASPNET Web API - image 1

Pro ASP.NET Web API Security

Securing ASP.NET Web API

Pro ASPNET Web API Security Securing ASPNET Web API - image 2

Badrinarayanan Lakshmiraghavan

Pro ASPNET Web API Security Securing ASPNET Web API - image 3

Pro ASP.NET Web API Security

Copyright 2013 by Badrinarayanan Lakshmiraghavan

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the materialis concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publishers location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

ISBN-13 (pbk): 978-1-4302-5782-0

ISBN-13 (electronic): 978-1-4302-5783-7

Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.

While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

President and Publisher: Paul Manning

Lead Editor: Ewan Buckingham

Developmental Editor: Barbara McGuire

Technical Reviewer: Fabio Claudio Ferracchiati

Editorial Board: Steve Anglin, Mark Beckner, Ewan Buckingham, Gary Cornell, Louise Corrigan, Morgan Ertel, Jonathan Gennick, Jonathan Hassell, Robert Hutchinson, Michelle Lowman, James Markham, Matthew Moodie, Jeff Olson, Jeffrey Pepper, Douglas Pundick, Ben Renow-Clarke, Dominic Shakeshaft, Gwenan Spearing, Matt Wade, Tom Welsh

Coordinating Editor: Mark Powers

Copy Editor: Teresa Horton

Compositor: SPi Global

Indexer: SPi Global

Artist: SPi Global

Cover Designer: Anna Ishchenko

Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail orders-ny@springer-sbm.com , or visit www.springeronline.com . Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.

For information on translations, please e-mail rights@apress.com , or visit www.apress.com .

Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional use. eBook versions and licenses are also available for most titles. For more information, reference our Special Bulk SaleseBook Licensing web page at www.apress.com/bulk-sales .

Any source code or other supplementary materials referenced by the author in this text is available to readers at www.apress.com/9781430257820 . For detailed information about how to locate your books source code, go to www.apress.com/source-code/ .

To Him, who is able to be both larger than the largest and smaller than the smallest.

To my mother and father.

Contents at a Glance

Picture 4

Picture 5

Picture 6

Picture 7

Picture 8

Picture 9

Picture 10

Picture 11

Picture 12

Picture 13

Picture 14

Picture 15

Picture 16

Picture 17

Picture 18

Picture 19

Contents

Download from Wow! eBook

Picture 20

Picture 21

Picture 22

Picture 23

Picture 24

Picture 25

Picture 26

Picture 27

Picture 28

Picture 29

Picture 30

Picture 31

Picture 32

Picture 33

Picture 34

Picture 35

Foreword

Everybody who knows me also knows that identity and access control in distributed applications are very near and dear to my heart. Having spent many years in the WS* security space (or WS-Deathstar as many called it), I was happy to see that Microsoft finally built a web service framework that really embraces HTTP instead of abstracting it away.

It is also fair to say that the web API idea has taken the world (and its developers) by storm. Even if the technology is not really new, having such capabilities in a mainstream framework like .NET makes adoption really easy. In the short period of time since its first release, it has gained a lot of traction.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Pro ASP.NET Web API Security: Securing ASP.NET Web API»

Look at similar books to Pro ASP.NET Web API Security: Securing ASP.NET Web API. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Pro ASP.NET Web API Security: Securing ASP.NET Web API»

Discussion, reviews of the book Pro ASP.NET Web API Security: Securing ASP.NET Web API and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.