RESTful Java web services security : secure your RESTful applications against common vulnerabilities / René Enríquez, Andrés Salazar C.

Format:

Book

Author/Creator:

Enriquez, Rene, author.

Salazar, Andrés C., author.

Series:

Community experience distilled

Language:

English

Subjects (All):

Java (Computer program language).

Physical Description:

1 online resource (144 p.)

Edition:

1st edition

Other Title:

Secure your RESTful applications against common vulnerabilities

Place of Publication:

Birmingham, England : Packt Publishing, 2014.

Language Note:

English

System Details:

text file

Biography/History:

Enriquez Rene: Ren Enrquez works as technical leader in a multinational company headquartered in Silicon Valley. He worked on different projects using Java Enterprise Edition and Spring Framework. He currently works with different Spring projects to maintain legacy code and write microservices applying best practices to deliver products using Agile techniques with a strong focus on testing at different levels. During the last years, he worked as a software consultant for private and government companies and as an instructor of courses to develop enterprise and mobile applications. He was also a speaker at the ScrumDay and JavaDay conferences in Quito-Ecuador.

Summary:

A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your own projects. This book is intended for web application developers who use RESTful web services to power their websites. Prior knowledge of RESTful is not mandatory, but would be advisable.

Contents:

Cover; Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Setting Up the Environment; Downloading tools; Downloading links; Creating the base project; First functional example; Testing the example web service; Summary; Chapter 2: The Importance of Securing Web Services; The importance of security; Security management options; Authorization and authentication; Authentication; Authorization; Access control; Transport layer security; Basic authentication by providing user credentials; Digest access authentication

An example with explanationAuthentication through certificates; API keys; Summary; Chapter 3: Security Management with RESTEasy; Fine-grained and coarse-grained security; Securing HTTP methods; HTTP method - POST; HTTP method - GET; Fine-grained security implementation through annotations; The @RolesAllowed annotation; The @DenyAll annotation; The @PermitAll annotation; Programmatical implementation of fine-grained security; Summary; Chapter 4: RESTEasy Skeleton Key; OAuth protocol; OAuth and RESTEasy Skeleton Key; What is RESTEasy Skeleton Key?; OAuth 2.0 authentication framework

Main featuresOAuth2 implementation; Updating RESTEasy modules in JBoss; Setting up the configuration in JBoss; Implementing an OAuth client; SSO configuration for security management; OAuth token via Basic Auth; Running the application; Custom filters; Server-side filters; Client-side filters; Example usage of filters; Summary; Chapter 5: Digital Signatures and Encryption of Messages; Digital signatures; Updating RESTEasy JAR files; Applying digital signatures; Testing the functionality; Validating signatures with annotations; Message body encryption; Testing the functionality

Enabling the server with HTTPSTesting the functionality; Summary; Index

Notes:

Includes index.

Description based on online reosurce; title from PDF title page (ebrary, viewed August 9, 2014).

ISBN:

9781783980116

1783980117

OCLC:

885019799