Cargando…

RESTful Java web services security : secure your RESTful applications against common vulnerabilities /

A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Enríquez, René
Otros Autores: Salazar C., Andrés
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham, U.K. : Packt Pub., 2014.
Colección:Community experience distilled.
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Cover; Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Setting Up the Environment; Downloading tools; Downloading links; Creating the base project; First functional example; Testing the example web service; Summary; Chapter 2: The Importance of Securing Web Services; The importance of security; Security management options; Authorization and authentication; Authentication; Authorization; Access control; Transport layer security; Basic authentication by providing user credentials; Digest access authentication
  • An example with explanationAuthentication through certificates; API keys; Summary; Chapter 3: Security Management with RESTEasy; Fine-grained and coarse-grained security; Securing HTTP methods; HTTP method
  • POST; HTTP method
  • GET; Fine-grained security implementation through annotations; The @RolesAllowed annotation; The @DenyAll annotation; The @PermitAll annotation; Programmatical implementation of fine-grained security; Summary; Chapter 4: RESTEasy Skeleton Key; OAuth protocol; OAuth and RESTEasy Skeleton Key; What is RESTEasy Skeleton Key?; OAuth 2.0 authentication framework
  • Main featuresOAuth2 implementation; Updating RESTEasy modules in JBoss; Setting up the configuration in JBoss; Implementing an OAuth client; SSO configuration for security management; OAuth token via Basic Auth; Running the application; Custom filters; Server-side filters; Client-side filters; Example usage of filters; Summary; Chapter 5: Digital Signatures and Encryption of Messages; Digital signatures; Updating RESTEasy JAR files; Applying digital signatures; Testing the functionality; Validating signatures with annotations; Message body encryption; Testing the functionality
  • Enabling the server with HTTPSTesting the functionality; Summary; Index