{"product_id":"9781430257837","title":"Pro ASP.NET Web API Security: Securing ASP.NET Web API","description":"\u003cp\u003e    ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP.\u003c\/p\u003e\u003cp\u003eWith such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols youre familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with.\u003c\/p\u003e\u003cp\u003eFortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with  if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.     \u003c\/p\u003e    What youll learn\u003cul\u003e \u003cli\u003eIdentity management and cryptography \u003c\/li\u003e \u003cli\u003eHTTP basic and digest authentication and Windows authentication \u003c\/li\u003e \u003cli\u003eHTTP advanced concepts such as web caching, ETag, and CORS \u003c\/li\u003e \u003cli\u003eOwnership factors of API keys, client X.509 certificates, and SAML tokens \u003c\/li\u003e \u003cli\u003eSimple Web Token (SWT) and signed and encrypted JSON Web Token (JWT) \u003c\/li\u003e \u003cli\u003eOAuth 2.0 from the ground up using JWT as the bearer token \u003c\/li\u003e \u003cli\u003eOAuth 2.0 authorization codes and implicit grants using DotNetOpenAuth \u003c\/li\u003e \u003cli\u003eTwo-factor authentication using Google Authenticator \u003c\/li\u003e \u003cli\u003eOWASP Top Ten risks for 2013\u003c\/li\u003e\n\u003c\/ul\u003eWho this book is for      \u003cp\u003e     No prior experience of .NET security is needed to read this book. All security related concepts will be introduced from first-principles and developed to the point where you can use them confidently in a professional environment. A good working knowledge of and experience with C# and the .NET framework are the only prerequisites to benefit from this book.      \u003c\/p\u003e     Table of Contents\u003col\u003e \u003cli\u003eWelcome to ASP.NET Web API \u003c\/li\u003e \u003cli\u003eBuilding RESTful Services \u003c\/li\u003e \u003cli\u003eExtensibility Points \u003c\/li\u003e \u003cli\u003eHTTP Anatomy and Security \u003c\/li\u003e \u003cli\u003eIdentity Management \u003c\/li\u003e \u003cli\u003eEncryption and Signing \u003c\/li\u003e \u003cli\u003eCustom STS through WIF \u003c\/li\u003e \u003cli\u003eKnowledge Factors \u003c\/li\u003e \u003cli\u003eOwnership Factors \u003c\/li\u003e \u003cli\u003eWeb Tokens \u003c\/li\u003e \u003cli\u003eOAuth 2.0 Using Live Connect API \u003c\/li\u003e \u003cli\u003eOAuth 2.0 From the Ground Up  \u003c\/li\u003e \u003cli\u003eOAuth 2.0 Using DotNetOpenAuth \u003c\/li\u003e \u003cli\u003eTwo-Factor Authentication \u003c\/li\u003e \u003cli\u003eSecurity Vulnerabilities \u003c\/li\u003e \u003cli\u003eAppendix: ASP.NET Web API Security Distilled \u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Apress","offers":[{"title":"Default Title","offer_id":47139364864240,"sku":"9781430257837","price":39.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0737\/7593\/9824\/files\/9781430257837_p0.jpg?v=1763753423","url":"https:\/\/shop-qa.barnesandnoble.com\/products\/9781430257837","provider":"Barnes \u0026 Noble (DEV)","version":"1.0","type":"link"}