Getting Started with OAuth 2.0

Programming Clients for Secure Web API Authorization and Authentication

Author: Ryan Boyd

Publisher: "O'Reilly Media, Inc."

ISBN: 1449331610

Category: Computers

Page: 82

View: 8012

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application. Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks. Understand OAuth 2.0’s role in authentication and authorization Learn how OAuth’s Authorization Code flow helps you integrate data from different business applications Discover why native mobile apps use OAuth differently than mobile web apps Use OpenID Connect and eliminate the need to build your own authentication system

OAuth

Getting Started in Web-API Security

Author: Matthias Biehl

Publisher: Matthias Biehl

ISBN: N.A

Category: Computers

Page: 44

View: 2864

This book offers an introduction to web-API security with OAuth 2.0 and OpenID Connect. In less than 50 pages you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You will get to know all four OAuth flows that are used in cloud solutions and mobile apps. If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. This book explains OAuth in simple terms. The different OAuth flows are visualized graphically using sequence diagrams. The diagrams allow you to see the big picture of the various OAuth interactions. This high-level overview is complemented with rich set of example requests and responses and an explanation of the technical details. In the book the challenges and benefits of OAuth are presented, followed by an explanation of the technical concepts of OAuth. The technical concepts include the actors, endpoints, tokens and the four OAuth flows. Each flow is described in detail, including the use cases for each flow. Extensions of OAuth are presented, such as OpenID Connect and the SAML2 Bearer Profile. Who should read this book? You do not have the time to read long books? This book provides an overview, the core concepts, without getting lost in the small-small details. This book provides all the necessary information to get started with OAuth in less than 50 pages. You believe OAuth is complicated? OAuth may seem complex with flows and redirects going back and forth. This book will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange. You want to learn the OAuth concepts efficiently? This book uses many illustrations and sequence diagrams. A good diagram says more than 1000 words. You want to learn the difference between OAuth and OpenID Connect? You wonder when the two concepts are used, what they have in common and what is different between them. This book will help you answer this question. You want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows. You want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.

Microservices

Konzeption und Design

Author: Sam Newman

Publisher: MITP-Verlags GmbH & Co. KG

ISBN: 3958450830

Category: Computers

Page: 312

View: 3562

Feingranulare Systeme mit Microservices aufbauen Design, Entwicklung, Deployment, Testen und Monitoring Sicherheitsaspekte, Authentifizierung und Autorisierung Verteilte Systeme haben sich in den letzten Jahren stark verändert: Große monolithische Architekturen werden zunehmend in viele kleine, eigenständige Microservices aufgespalten. Aber die Entwicklung solcher Systeme bringt Herausforderungen ganz eigener Art mit sich. Dieses Buch richtet sich an Softwareentwickler, die sich über die zielführenden Aspekte von Microservice-Systemen wie Design, Entwicklung, Testen, Deployment und Monitoring informieren möchten. Sam Newman veranschaulicht und konkretisiert seine ganzheitliche Betrachtung der grundlegenden Konzepte von Microservice-Architekturen anhand zahlreicher praktischer Beispiele und Ratschläge. Er geht auf die Themen ein, mit denen sich Systemarchitekten und Administratoren bei der Einrichtung, Verwaltung und Entwicklung dieser Architekturen in jedem Fall auseinandersetzen müssen. Aus dem Inhalt: Vorteile von Microservices Gestaltung von Services Ausrichtung der Systemarchitektur an der Organisationsstruktur Möglichkeiten zur Integration von Services Schrittweise Aufspaltung einer monolithischen Codebasis Deployment einzelner Microservices mittels Continuous Integration Testen und Monitoring verteilter Systeme Sicherheitsaspekte Authentifizierung und Autorisierung zwischen Benutzer und Service bzw. zwischen Services untereinander Skalierung von Microservice-Architekturen »Microservice-Architekturen besitzen viele interessante Eigenschaften, allerdings sind bei der Umstellung so einige Fallstricke zu beachten. Dieses Buch wird Ihnen helfen herauszufinden, ob Microservices für Ihre Zwecke geeignet sind und zeigt Ihnen, wie Sie die Fallstricke umgehen können.« Martin Fowler, Chief Scientist, ThoughtWorks

Pro ASP.NET Web API Security

Securing ASP.NET Web API

Author: Badrinarayanan Lakshmiraghavan

Publisher: Apress

ISBN: 1430257830

Category: Computers

Page: 416

View: 6849

ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP. With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols you’re familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with. Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with – if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.

OAuth

Getting Started in Web-API Security

Author: Matthias Biehl

Publisher: Matthias Biehl

ISBN: N.A

Category: Computers

Page: 44

View: 1871

This book offers an introduction to web-API security with OAuth 2.0 and OpenID Connect. In less than 50 pages you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You will get to know all four OAuth flows that are used in cloud solutions and mobile apps. If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. This book explains OAuth in simple terms. The different OAuth flows are visualized graphically using sequence diagrams. The diagrams allow you to see the big picture of the various OAuth interactions. This high-level overview is complemented with rich set of example requests and responses and an explanation of the technical details. In the book the challenges and benefits of OAuth are presented, followed by an explanation of the technical concepts of OAuth. The technical concepts include the actors, endpoints, tokens and the four OAuth flows. Each flow is described in detail, including the use cases for each flow. Extensions of OAuth are presented, such as OpenID Connect and the SAML2 Bearer Profile. Who should read this book? You do not have the time to read long books? This book provides an overview, the core concepts, without getting lost in the small-small details. This book provides all the necessary information to get started with OAuth in less than 50 pages. You believe OAuth is complicated? OAuth may seem complex with flows and redirects going back and forth. This book will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange. You want to learn the OAuth concepts efficiently? This book uses many illustrations and sequence diagrams. A good diagram says more than 1000 words. You want to learn the difference between OAuth and OpenID Connect? You wonder when the two concepts are used, what they have in common and what is different between them. This book will help you answer this question. You want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows. You want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.

Web-Services mit REST

Author: Leonard Richardson,Sam Ruby,Thomas Demmig

Publisher: O'Reilly Germany

ISBN: 3897217279

Category: Web services

Page: 482

View: 3256

OAuth 2.0 Identity and Access Management Patterns

Author: Martin Spasovski

Publisher: Packt Publishing Ltd

ISBN: 1783285605

Category: Computers

Page: 128

View: 8095

This is a practical and fast-paced guide that gives you all the information you need to start implementing secure OAuth 2.0 implementations in your web applications.OAuth 2.0 Identity and Access Management Patterns is intended for software developers, software architects, and enthusiasts working with the OAuth 2.0 framework. In order to learn and understand the OAuth 2.0 grant flow, it is assumed that you have some basic knowledge of HTTP communication. For the practical examples, basic knowledge of HTML templating, programming languages, and executing commands in the command line terminal is assumed.

Spring Boot 2.0 Projects

Build production-grade reactive applications and microservices with Spring Boot

Author: Mohamed Shazin Sadakath

Publisher: Packt Publishing Ltd

ISBN: 1789134226

Category: Computers

Page: 336

View: 9408

Develop diverse real-life projects including most aspects of Spring Boot Key Features Run production-grade based applications using the Spring WebFlux framework Learn to develop high performance, asynchronous applications with Spring Boot Create robust microservice-based applications with Kotlin using Spring Boot Book Description Spring is one of the best tools available on the market for developing web, enterprise, and cloud-ready software. The goal of Spring Boot is to provide a set of tools for quickly building Spring applications that are easy to configure, and that make it easy to create and run production-grade Spring-based applications. Spring Boot 2.0 Projects will get you acquainted with important features of the latest version of this application-building tool and will cover basic, as well as advanced topics. The book starts off by teaching you how to create a web application using Spring Boot, followed by creating a Spring Boot-based simple blog management system that uses Elasticsearch as the data store. As you make your way through the chapters, you’ll build a RESTful web services application using Kotlin and the Spring WebFlux framework. Spring WebFlux is a new framework that helps in creating a reactive application in a functional way. Toward the end of the book, you will build a taxi-hailing API with reactive microservices using Spring Boot and a Twitter clone with a Spring Boot backend. Finally, you’ll learn how to build an asynchronous email formatter. What you will learn Learn the fundamental features of Spring Boot 2.0 Customize Spring Boot 2.0 applications Build a basic web application Use Redis to build a taxi-hailing API Create a simple blog management system and a Twitter clone Develop a reactive RESTful web service with Kotlin using Spring Boot Who this book is for This book is for competent Spring developers who wish to understand how to develop complex yet scalable applications with Spring Boot. You must have a good knowledge of Java programming and be familiar with the basics of Spring.

Groovy im Einsatz

Author: Dierk König

Publisher: N.A

ISBN: 9783446412385

Category: Computer Sciences

Page: 597

View: 8959

Java in a nutshell

deutsche Ausgabe für Java 1.4

Author: David Flanagan

Publisher: O'Reilly Germany

ISBN: 9783897213326

Category: Java (Computer program language)

Page: 1084

View: 9881

Professional Java for Web Applications

Author: Nicholas S. Williams

Publisher: John Wiley & Sons

ISBN: 1118909313

Category: Computers

Page: 936

View: 2307

The comprehensive Wrox guide for creating Java web applications for the enterprise This guide shows Java software developers and software engineers how to build complex web applications in an enterprise environment. You'll begin with an introduction to the Java Enterprise Edition and the basic web application, then set up a development application server environment, learn about the tools used in the development process, and explore numerous Java technologies and practices. The book covers industry-standard tools and technologies, specific technologies, and underlying programming concepts. Java is an essential programming language used worldwide for both Android app development and enterprise-level corporate solutions As a step-by-step guide or a general reference, this book provides an all-in-one Java development solution Explains Java Enterprise Edition 7 and the basic web application, how to set up a development application server environment, which tools are needed during the development process, and how to apply various Java technologies Covers new language features in Java 8, such as Lambda Expressions, and the new Java 8 Date & Time API introduced as part of JSR 310, replacing the legacy Date and Calendar APIs Demonstrates the new, fully-duplex WebSocket web connection technology and its support in Java EE 7, allowing the reader to create rich, truly interactive web applications that can push updated data to the client automatically Instructs the reader in the configuration and use of Log4j 2.0, Spring Framework 4 (including Spring Web MVC), Hibernate Validator, RabbitMQ, Hibernate ORM, Spring Data, Hibernate Search, and Spring Security Covers application logging, JSR 340 Servlet API 3.1, JSR 245 JavaServer Pages (JSP) 2.3 (including custom tag libraries), JSR 341 Expression Language 3.0, JSR 356 WebSocket API 1.0, JSR 303/349 Bean Validation 1.1, JSR 317/338 Java Persistence API (JPA) 2.1, full-text searching with JPA, RESTful and SOAP web services, Advanced Message Queuing Protocol (AMQP), and OAuth Professional Java for Web Applications is the complete Wrox guide for software developers who are familiar with Java and who are ready to build high-level enterprise Java web applications.

Clean Architecture

Das Praxishandbuch für gutes Softwaredesign. Regeln und Paradigmen für effiziente Softwarestrukturen

Author: Robert C. Martin

Publisher: MITP-Verlags GmbH & Co. KG

ISBN: 3958457266

Category: Computers

Page: 370

View: 4629

Ajax in action

das Entwicklerbuch für das Web 2.0

Author: Dave Crane,Eric Pascarello,Darren James

Publisher: Pearson Deutschland GmbH

ISBN: 9783827324146

Category:

Page: 687

View: 4961

jQuery Kochbuch

Author: Thomas Demming

Publisher: O'Reilly Germany

ISBN: 3897219999

Category:

Page: 460

View: 4035

Entwurfsmuster

Elemente wiederverwendbarer objektorientierter Software

Author: Erich Gamma,Ralph Johnson,Richard Helm,John Vlissides

Publisher: Pearson Deutschland GmbH

ISBN: 9783827330437

Category: Agile software development

Page: 479

View: 6901

Das Beste an JavaScript

Author: Douglas Crockford,Peter Klicman

Publisher: O'Reilly Germany

ISBN: 3897218763

Category: JavaScript (Computer program language)

Page: 163

View: 4834

Clean Code - Refactoring, Patterns, Testen und Techniken für sauberen Code

Deutsche Ausgabe

Author: Robert C. Martin

Publisher: MITP-Verlags GmbH & Co. KG

ISBN: 3826696387

Category: Computers

Page: 480

View: 5689

h2> Kommentare, Formatierung, Strukturierung Fehler-Handling und Unit-Tests Zahlreiche Fallstudien, Best Practices, Heuristiken und Code Smells Clean Code - Refactoring, Patterns, Testen und Techniken für sauberen Code Aus dem Inhalt: Lernen Sie, guten Code von schlechtem zu unterscheiden Sauberen Code schreiben und schlechten Code in guten umwandeln Aussagekräftige Namen sowie gute Funktionen, Objekte und Klassen erstellen Code so formatieren, strukturieren und kommentieren, dass er bestmöglich lesbar ist Ein vollständiges Fehler-Handling implementieren, ohne die Logik des Codes zu verschleiern Unit-Tests schreiben und Ihren Code testgesteuert entwickeln Selbst schlechter Code kann funktionieren. Aber wenn der Code nicht sauber ist, kann er ein Entwicklungsunternehmen in die Knie zwingen. Jedes Jahr gehen unzählige Stunden und beträchtliche Ressourcen verloren, weil Code schlecht geschrieben ist. Aber das muss nicht sein. Mit Clean Code präsentiert Ihnen der bekannte Software-Experte Robert C. Martin ein revolutionäres Paradigma, mit dem er Ihnen aufzeigt, wie Sie guten Code schreiben und schlechten Code überarbeiten. Zusammen mit seinen Kollegen von Object Mentor destilliert er die besten Praktiken der agilen Entwicklung von sauberem Code zu einem einzigartigen Buch. So können Sie sich die Erfahrungswerte der Meister der Software-Entwicklung aneignen, die aus Ihnen einen besseren Programmierer machen werden – anhand konkreter Fallstudien, die im Buch detailliert durchgearbeitet werden. Sie werden in diesem Buch sehr viel Code lesen. Und Sie werden aufgefordert, darüber nachzudenken, was an diesem Code richtig und falsch ist. Noch wichtiger: Sie werden herausgefordert, Ihre professionellen Werte und Ihre Einstellung zu Ihrem Beruf zu überprüfen. Clean Code besteht aus drei Teilen:Der erste Teil beschreibt die Prinzipien, Patterns und Techniken, die zum Schreiben von sauberem Code benötigt werden. Der zweite Teil besteht aus mehreren, zunehmend komplexeren Fallstudien. An jeder Fallstudie wird aufgezeigt, wie Code gesäubert wird – wie eine mit Problemen behaftete Code-Basis in eine solide und effiziente Form umgewandelt wird. Der dritte Teil enthält den Ertrag und den Lohn der praktischen Arbeit: ein umfangreiches Kapitel mit Best Practices, Heuristiken und Code Smells, die bei der Erstellung der Fallstudien zusammengetragen wurden. Das Ergebnis ist eine Wissensbasis, die beschreibt, wie wir denken, wenn wir Code schreiben, lesen und säubern. Dieses Buch ist ein Muss für alle Entwickler, Software-Ingenieure, Projektmanager, Team-Leiter oder Systemanalytiker, die daran interessiert sind, besseren Code zu produzieren. Über den Autor: Robert C. »Uncle Bob« Martin entwickelt seit 1970 professionell Software. Seit 1990 arbeitet er international als Software-Berater. Er ist Gründer und Vorsitzender von Object Mentor, Inc., einem Team erfahrener Berater, die Kunden auf der ganzen Welt bei der Programmierung in und mit C++, Java, C#, Ruby, OO, Design Patterns, UML sowie Agilen Methoden und eXtreme Programming helfen.

Spring Boot 2

Moderne Softwareentwicklung mit Spring 5

Author: Michael Simons

Publisher: dpunkt.verlag

ISBN: 3960883897

Category: Computers

Page: 460

View: 3166

Spring Boot hat seit 2014 das Spring-Ökosystem revolutioniert und verdrängt in zunehmendem Maße "klassische" Spring-Anwendungen.Spring Boot ist kein neues Framework, sondern basiert auf Spring und dem Spring-Ökosystem. Es vereinfacht die Verwaltung von Abhängigkeiten und die Konfiguration des Spring- Frameworks. Spring Boot löst dabei Probleme, die einer effektiven und effizienten Produktivsetzung im Weg stehen, und bietet vielfältige Möglichkeiten, testgetrieben zu entwickeln.Spring Boot sollte die erste Wahl sein, Springbasierte Anwendungen zu entwickeln, unabhängig davon, ob es sich um Microservices handelt oder nicht.Dieses Buch bietet eine umfassende Einführung in die von Spring Boot unterstützten Spring-Module und -Technologien:WebanwendungenReaktive AnwendungenSecurityDatenbanktechnologienCachingTests und DokumentationDarüber hinaus stellt es verschiedene Möglichkeiten vor, Spring-Boot-Anwendungen zu deployen, sowohl in klassischen als auch in Cloud- Szenarien.Hinweise auf Best Practices sowie eine Übersicht der zahlreichen Änderungen von Spring Boot 1 auf Version 2 runden das Buch ab.

MySQL Tutorial

Die kompakte Einführung in die Arbeit mit MySQL

Author: Luke Welling,Laura Thomson

Publisher: Pearson Deutschland GmbH

ISBN: 9783827321695

Category:

Page: 286

View: 7822