| Author: | Lakshmiraghavan Badrinarayanan |
| Title: | Pro ASP.NET Web API Security : securing ASP.NET Web API / Badrinarayanan Lakshmiraghavan |
| Publication: | [Berkeley, Calif.] : Apress, c2013 |
| Edition: | 1st ed. 2013. |
| Physical description: | 1 online resource (xxvii, 388 pages) : illustrations (some color) |
| Discipline: | 005.8 |
| Topical subject: | Computer security |
| | Data protection |
| General notes: | Includes index. |
| Contents note: | Cover; Title Page; Copyright Page; Dedication Page; Contents at a Glance; Table of Contents; Foreword; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; What You'll Learn; How This Book Is Organized; Chapter 1: Welcome to ASP.NET Web API; Chapter 2: Building RESTful Services; Chapter 3: Extensibility Points; Chapter 4: HTTP Anatomy and Security; Chapter 5: Identity Management; Chapter 6: Encryption and Signing; Chapter 7: Custom STS through WIF; Chapter 8: Knowledge Factors; Chapter 9: Ownership Factors; Chapter 10: Web Tokens |
| | Chapter 11: OAuth 2.0 Using Live Connect API; Chapter 12: OAuth 2.0 from the Ground Up; Chapter 13: OAuth 2.0 Using DotNetOpenAuth; Chapter 14: Two-Factor Authentication; Chapter 15: Security Vulnerabilities; Appendix: ASP.NET Web API Security Distilled; What You Need to Use This Book; Who This Book Is For; CHAPTER 1 Welcome to ASP.NET Web API; What Is a Web API, Anyway?; A Primer on RESTful Web API; Hello, ASP.NET Web API!; WCF vs. ASP.NET Web API; Programming Model Differences; Scenarios in Which ASP.NET Web API Shines; A Primer on Security; Summary; CHAPTER 2 Building RESTful Services |
| | What Is a RESTful Service?; Identification of Resources; Manipulation of Resources Through Representations; Self-Descriptive Messages; Scenario 1: JSON Representation; Scenario 2: No Content Type; Scenario 3: XML Representation; Scenario 4: Mix and Match; Hypermedia as the Engine of Application State; Implementing and Consuming an ASP.NET Web API; Our First Attempt in Securing a Web API; Forms Authentication; Summary; CHAPTER 3 Extensibility Points; The What and Why of Extensibility Points; ASP.NET Web API Life Cycle; Filters; Authorize Filter; Subclassed Authorize Filter; ActionFilter |
| | Message Handlers; HTTP Modules; Summary; CHAPTER 4 HTTP Anatomy and Security; HTTP Transaction; HTTP Request; Request Headers; HTTP Methods; Method Overriding; HTTP Response; Status Codes; The Curious Case of an Unhandled Exception; Response Headers; Response Body; Web Caching; Entity Tag; Implementing ETag in ASP.NET Web API; ETag ActionFilter; Testing ETag ActionFilter; ETags for Managing Concurrency; Cross-Origin Resource Sharing; Simple CORS; Simple CORS; Preflighted Request; Preflighted Request; Implementing Preflighted CORS in ASP.NET Web API |
| | Implementing Preflighted CORS in ASP.NET Web API; HTTP Cookies; Cookies and ASP.NET Web API; HttpOnly Cookies; Proxy Server; HTTPS; Configuring HTTPS for ASP.NET Web API Hosted in IIS; Fiddler: A Tool for Web Debugging; Capturing and Decrypting HTTPS Traffic; Fiddler as Man-in-the-Middle; Summary; CHAPTER 5 Identity Management; Authentication and Authorization; Role-Based Security; Identity and Principal; Using Generic Identity in a WinForms Application; Using Windows Identity in a Console Application; The Curious Case of Thread.CurrentPrincipal; Claims-Based Security; Real-World Analogy |
| | Claims-Based Access Control vs. Role-Based Access Control |
| Summary/abstract: | ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP. With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols you’re familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with. Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with – if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book. |
| Authorized title: | Pro ASP.NET Web API Security |
| ISBN: | 9781430257837 |
| | 1430257830 |
| Format: | Printed material |
| Bibliographic level: | Monograph |
| Language of publication: | English |
| Record no.: | 9910739429503321 |
| Find it here: | Univ. Federico II |