RESTful Java web services security : secure your RESTful applications against common vulnerabilities
A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your...
Classification: | Electronic Book |
---|---|
Main author: | |
Other authors: | |
Format: | Electronic eBook |
Language: | English |
Published: | Birmingham, U.K. : Packt Pub., 2014. |
Series: | Community experience distilled. |
Subjects: | |
Online access: | Full text (Requires prior registration with institutional email) |
Table of Contents:
- Cover; Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Preface
- Chapter 1: Setting Up the Environment; Downloading tools; Downloading links; Creating the base project; First functional example; Testing the example web service; Summary
- Chapter 2: The Importance of Securing Web Services; The importance of security; Security management options; Authorization and authentication; Authentication; Authorization; Access control; Transport layer security; Basic authentication by providing user credentials; Digest access authentication; An example with explanation; Authentication through certificates; API keys; Summary
- Chapter 3: Security Management with RESTEasy; Fine-grained and coarse-grained security; Securing HTTP methods; HTTP method - POST; HTTP method - GET; Fine-grained security implementation through annotations; The @RolesAllowed annotation; The @DenyAll annotation; The @PermitAll annotation; Programmatical implementation of fine-grained security; Summary
- Chapter 4: RESTEasy Skeleton Key; OAuth protocol; OAuth and RESTEasy Skeleton Key; What is RESTEasy Skeleton Key?; OAuth 2.0 authentication framework; Main features; OAuth2 implementation; Updating RESTEasy modules in JBoss; Setting up the configuration in JBoss; Implementing an OAuth client; SSO configuration for security management; OAuth token via Basic Auth; Running the application; Custom filters; Server-side filters; Client-side filters; Example usage of filters; Summary
- Chapter 5: Digital Signatures and Encryption of Messages; Digital signatures; Updating RESTEasy JAR files; Applying digital signatures; Testing the functionality; Validating signatures with annotations; Message body encryption; Testing the functionality; Enabling the server with HTTPS; Testing the functionality; Summary
- Index