|Publicatiedatum||26 mrt. 2013|
With such wide accessibility, securingyour code effectively needs to be a top priority. You will quickly find that the WCF security protocols youre familiar with from .NET (WS-* and similar)are less suitable than they once were in this new environment; proving themselves cumbersome and limited in terms of the standards they can work with.
Fortunately, ASP.NET Web API provides asimple robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP meaningthat there is no limit to the range of devices that it can work with if it can understand HTTP then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.
What youll learn
- Basic and advanced HTTP and security concepts needed to effectively secure ASP.NET Web API applications
- Knowledge-factor based basic, digest and Windows authenticaton schemes
- Ownership factors such as pre-shared keys, client X.509 certificates, JWT (both JWS and JWE) and SWT as OAuth 2.0 bearer token, SAML token from AD FS
- Combinations of the previous two techniques - called two-factor security - using Google Authenticator or Twilio SMS to provide further enhanced security.
Who this book is for
No prior experience of .NET-security is needed to read this book. All security related concepts will be introduced from first-principals and developed to the point where you can use them confidently in a professional environment. A goodworking knowledge and experience of C# and the .NET framework are the onlypre-requisites to benefit from this book.