Author: Stian Thorgersen
Publisher: Packt Publishing Ltd
ISBN: 1800564708
Category : Computers
Languages : en
Pages : 362
Book Description
Learn to leverage the advanced capabilities of Keycloak, an open-source identity and access management solution, to enable authentication and authorization in applications Key Features Get up to speed with Keycloak, OAuth 2.0, and OpenID Connect using practical examples Configure, manage, and extend Keycloak for optimized security Leverage Keycloak features to secure different application types Book DescriptionImplementing authentication and authorization for applications can be a daunting experience, often leaving them exposed to security vulnerabilities. Keycloak is an open-source solution for identity management and access management for modern applications, which can make a world of difference if you learn how to use it. Keycloak, helping you get started with using it and securing your applications. Complete with hands-on tutorials, best practices, and self-assessment questions, this easy-to-follow guide will show you how to secure a sample application and then move on to securing different application types. As you progress, you will understand how to configure and manage Keycloak as well as how to leverage some of its more advanced capabilities. Finally, you'll gain insights into securely using Keycloak in production. By the end of this book, you will have learned how to install and manage Keycloak as well as how to secure new and existing applications.What you will learn Understand how to install, configure, and manage Keycloak Secure your new and existing applications with Keycloak Gain a basic understanding of OAuth 2.0 and OpenID Connect Understand how to configure Keycloak to make it ready for production use Discover how to leverage additional features and how to customize Keycloak to fit your needs Get to grips with securing Keycloak servers and protecting applications Who this book is for Developers, sysadmins, security engineers, or anyone who wants to leverage Keycloak and its capabilities for application security will find this book useful. Beginner-level knowledge of app development and authentication and authorization is expected.
Solving Identity and Access Management in Modern Applications
Author: Yvonne Wilson
Publisher: Apress
ISBN: 9781484250945
Category : Computers
Languages : en
Pages : 165
Book Description
Know how to design and use identity management to protect your application and the data it manages. At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided. Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more. What You’ll Learn Understand key identity management concepts Incorporate essential design principles Design authentication and access control for a modern application Know the identity management frameworks and protocols used today (OIDC/ OAuth 2.0, SAML 2.0) Review historical failures and know how to avoid them Who This Book Is For Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Publisher: Apress
ISBN: 9781484250945
Category : Computers
Languages : en
Pages : 165
Book Description
Know how to design and use identity management to protect your application and the data it manages. At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided. Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more. What You’ll Learn Understand key identity management concepts Incorporate essential design principles Design authentication and access control for a modern application Know the identity management frameworks and protocols used today (OIDC/ OAuth 2.0, SAML 2.0) Review historical failures and know how to avoid them Who This Book Is For Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Keycloak - Identity and Access Management for Modern Applications
Author: Stian Thorgersen
Publisher: Packt Publishing Ltd
ISBN: 1804612618
Category : Computers
Languages : en
Pages : 351
Book Description
Gain a practical understanding of Keycloak to enable authentication and authorization in applications while leveraging the additional features provided by Keycloak. Purchase of the print or Kindle book includes a free PDF eBook Key Features A beginners’ guide to Keycloak focussed on understanding Identity and Access Management Implement authentication and authorization in applications using Keycloak 22 Utilize Keycloak in securing applications developed by you and the existing applications in your enterprise Book DescriptionThe second edition of Keycloak - Identity and Access Management for Modern Applications is an updated, comprehensive introduction to Keycloak and its updates. In this new edition, you will learn how to use the latest distribution of Keycloak. The recent versions of Keycloak are now based on Quarkus, which brings a new and improved user experience and a new admin console with a higher focus on usability. You will see how to leverage Spring Security, instead of the Keycloak Spring adapter while using Keycloak 22. As you progress, you’ll understand the new Keycloak distribution and explore best practices in using OAuth. Finally, you'll cover general best practices and other information on how to protect your applications. By the end of this new edition, you’ll have learned how to install and manage the latest version of Keycloak to secure new and existing applications using the latest features.What you will learn Understand how to install, configure, and manage the latest version of Keycloak Discover how to obtain access tokens through OAuth 2.0 Utilize a reverse proxy to secure an application implemented in any programming language or framework Safely manage Keycloak in a production environment Secure different types of applications, including web, mobile, and native applications Discover the frameworks and third-party libraries that can expand Keycloak Who this book is forThis book is for developers, sysadmins, security engineers, or anyone who wants to leverage Keycloak and its capabilities for application security. Basic knowledge of app development, authentication, and authorization is expected.
Publisher: Packt Publishing Ltd
ISBN: 1804612618
Category : Computers
Languages : en
Pages : 351
Book Description
Gain a practical understanding of Keycloak to enable authentication and authorization in applications while leveraging the additional features provided by Keycloak. Purchase of the print or Kindle book includes a free PDF eBook Key Features A beginners’ guide to Keycloak focussed on understanding Identity and Access Management Implement authentication and authorization in applications using Keycloak 22 Utilize Keycloak in securing applications developed by you and the existing applications in your enterprise Book DescriptionThe second edition of Keycloak - Identity and Access Management for Modern Applications is an updated, comprehensive introduction to Keycloak and its updates. In this new edition, you will learn how to use the latest distribution of Keycloak. The recent versions of Keycloak are now based on Quarkus, which brings a new and improved user experience and a new admin console with a higher focus on usability. You will see how to leverage Spring Security, instead of the Keycloak Spring adapter while using Keycloak 22. As you progress, you’ll understand the new Keycloak distribution and explore best practices in using OAuth. Finally, you'll cover general best practices and other information on how to protect your applications. By the end of this new edition, you’ll have learned how to install and manage the latest version of Keycloak to secure new and existing applications using the latest features.What you will learn Understand how to install, configure, and manage the latest version of Keycloak Discover how to obtain access tokens through OAuth 2.0 Utilize a reverse proxy to secure an application implemented in any programming language or framework Safely manage Keycloak in a production environment Secure different types of applications, including web, mobile, and native applications Discover the frameworks and third-party libraries that can expand Keycloak Who this book is forThis book is for developers, sysadmins, security engineers, or anyone who wants to leverage Keycloak and its capabilities for application security. Basic knowledge of app development, authentication, and authorization is expected.
Okta Administration: Up and Running
Author: Lovisa Stenbacken Stjernlof
Publisher: Packt Publishing Ltd
ISBN: 180056953X
Category : Computers
Languages : en
Pages : 268
Book Description
Plan, design, and implement identity and access management solutions with Okta Key FeaturesLearn how to use Okta for complete identity and access management in your organizationUse single sign-on, multifactor authentication, and life cycle management for enhanced securitySet up, manage, and audit API access policiesBook Description IAM, short for identity and access management, is a set of policies and technologies for ensuring the security of an organization through careful role and access assignment for users and devices. With this book, you'll get up and running with Okta, an identity and access management (IAM) service that you can use for both employees and customers. Once you've understood how Okta can be used as an IAM platform, you'll learn about the Universal Directory, which covers how to integrate other directories and applications and set up groups and policies. As you make progress, the book explores Okta's single sign-on (SSO) feature and multifactor authentication (MFA) solutions. Finally, you will delve into API access management and discover how you can leverage Advanced Server Access for your cloud servers and Okta Access Gateway for your on-premises applications. By the end of this Okta book, you'll have learned how to implement Okta to enhance your organization's security and be able to use this book as a reference guide for the Okta certification exam. What you will learnUnderstand different types of users in Okta and how to place them in groupsSet up SSO and MFA rules to secure your IT environmentGet to grips with the basics of end-user functionality and customizationFind out how provisioning and synchronization with applications workExplore API management, Access Gateway, and Advanced Server AccessBecome well-versed in the terminology used by IAM professionalsWho this book is for If you are an IT consultant, business decision-maker, system administrator, system and security engineer, or anyone who wishes to use Okta to plan, design, and implement identity and access management solutions, this book is for you. A basic understanding of authentication and authorization is necessary.
Publisher: Packt Publishing Ltd
ISBN: 180056953X
Category : Computers
Languages : en
Pages : 268
Book Description
Plan, design, and implement identity and access management solutions with Okta Key FeaturesLearn how to use Okta for complete identity and access management in your organizationUse single sign-on, multifactor authentication, and life cycle management for enhanced securitySet up, manage, and audit API access policiesBook Description IAM, short for identity and access management, is a set of policies and technologies for ensuring the security of an organization through careful role and access assignment for users and devices. With this book, you'll get up and running with Okta, an identity and access management (IAM) service that you can use for both employees and customers. Once you've understood how Okta can be used as an IAM platform, you'll learn about the Universal Directory, which covers how to integrate other directories and applications and set up groups and policies. As you make progress, the book explores Okta's single sign-on (SSO) feature and multifactor authentication (MFA) solutions. Finally, you will delve into API access management and discover how you can leverage Advanced Server Access for your cloud servers and Okta Access Gateway for your on-premises applications. By the end of this Okta book, you'll have learned how to implement Okta to enhance your organization's security and be able to use this book as a reference guide for the Okta certification exam. What you will learnUnderstand different types of users in Okta and how to place them in groupsSet up SSO and MFA rules to secure your IT environmentGet to grips with the basics of end-user functionality and customizationFind out how provisioning and synchronization with applications workExplore API management, Access Gateway, and Advanced Server AccessBecome well-versed in the terminology used by IAM professionalsWho this book is for If you are an IT consultant, business decision-maker, system administrator, system and security engineer, or anyone who wishes to use Okta to plan, design, and implement identity and access management solutions, this book is for you. A basic understanding of authentication and authorization is necessary.
Pro Telerik ASP.NET and Silverlight Controls
Author: Jose Rolando Guay Paz
Publisher: Apress
ISBN: 1430229411
Category : Computers
Languages : en
Pages : 686
Book Description
This book provides a complete guide to implementing Telerik’s range of ASP.NET and Silverlight controls. Telerik controls are invaluable for ASP.NET and Silverlight developers because they provide a vast array of rich controls targeted for the presentation layer of web applications. Telerik offers you solutions for the reports, grids, charts, and text-editing controls that you need but don’t want to build from scratch yourself—the options are endless for increasing the functionality of any of your web solutions.
Publisher: Apress
ISBN: 1430229411
Category : Computers
Languages : en
Pages : 686
Book Description
This book provides a complete guide to implementing Telerik’s range of ASP.NET and Silverlight controls. Telerik controls are invaluable for ASP.NET and Silverlight developers because they provide a vast array of rich controls targeted for the presentation layer of web applications. Telerik offers you solutions for the reports, grids, charts, and text-editing controls that you need but don’t want to build from scratch yourself—the options are endless for increasing the functionality of any of your web solutions.
Jumpstart Jamstack Development
Author: Christopher Pecoraro
Publisher: Packt Publishing Ltd
ISBN: 1800205902
Category : Computers
Languages : en
Pages : 253
Book Description
Leverage Jamstack principles, techniques, and best practices to build dynamic websites and web apps focused on speed, security, and accessibility Key FeaturesUnderstand how JavaScript integrates with reusable application program interfaces (APIs) and browser markup to build a serverless web applicationGain a solid understanding of static site development with Gatsby and its importance in JamstackFind out how to deploy a Jamstack event website directly from GitHub using NetlifyBook Description Jamstack (JavaScript, API, and Markup) enables web developers to create and publish modern and maintainable websites and web apps focused on speed, security, and accessibility by using tools such as Gatsby, Sanity, and Netlify. Developers working with Jamstack will be able to put their knowledge to good use with this practical guide to static site generation and content management. This Jamstack book takes a hands-on approach to implementation and related methodologies that will have you up and running with modern web development in no time. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, you'll begin by building an event and venue schema structure, and then expand the functionality, exploring all that the Jamstack has to offer. You’ll learn how an example Jamstack is built, build structured content using Sanity to create a schema, use GraphQL to expose the content, and employ Gatsby to build an event website using page and template components and Tailwind CSS Framework. Lastly, you’ll deploy the website to both, a Netlify server and the Microsoft Static Web Apps Service, and interact with it using Amazon Alexa. By the end of this book, you'll have gained the knowledge and skills you need to install, configure, build, extend, and deploy a simple events website using Jamstack. What you will learnDiscover the Jamstack approach and build speedy, secure, and accessible websites and web apps with its component technologiesBuild an events website by using the Jamstack and the Gatsby static site generatorCreate and modify your templates and pages to build creative web appsBuild, modify, and extend structured content schemas in SanityUnderstand Gatsby plugins, project structure, and files, and how it can be used to build Jamstack appsFind out how GatsbyJS uses GraphQL to source contentWho this book is for This book is for web developers looking to implement Jamstack practically. JavaScript developers who want to build modern speedy and secure web apps will also find this book useful. Familiarity with JavaScript and Database programming is assumed.
Publisher: Packt Publishing Ltd
ISBN: 1800205902
Category : Computers
Languages : en
Pages : 253
Book Description
Leverage Jamstack principles, techniques, and best practices to build dynamic websites and web apps focused on speed, security, and accessibility Key FeaturesUnderstand how JavaScript integrates with reusable application program interfaces (APIs) and browser markup to build a serverless web applicationGain a solid understanding of static site development with Gatsby and its importance in JamstackFind out how to deploy a Jamstack event website directly from GitHub using NetlifyBook Description Jamstack (JavaScript, API, and Markup) enables web developers to create and publish modern and maintainable websites and web apps focused on speed, security, and accessibility by using tools such as Gatsby, Sanity, and Netlify. Developers working with Jamstack will be able to put their knowledge to good use with this practical guide to static site generation and content management. This Jamstack book takes a hands-on approach to implementation and related methodologies that will have you up and running with modern web development in no time. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, you'll begin by building an event and venue schema structure, and then expand the functionality, exploring all that the Jamstack has to offer. You’ll learn how an example Jamstack is built, build structured content using Sanity to create a schema, use GraphQL to expose the content, and employ Gatsby to build an event website using page and template components and Tailwind CSS Framework. Lastly, you’ll deploy the website to both, a Netlify server and the Microsoft Static Web Apps Service, and interact with it using Amazon Alexa. By the end of this book, you'll have gained the knowledge and skills you need to install, configure, build, extend, and deploy a simple events website using Jamstack. What you will learnDiscover the Jamstack approach and build speedy, secure, and accessible websites and web apps with its component technologiesBuild an events website by using the Jamstack and the Gatsby static site generatorCreate and modify your templates and pages to build creative web appsBuild, modify, and extend structured content schemas in SanityUnderstand Gatsby plugins, project structure, and files, and how it can be used to build Jamstack appsFind out how GatsbyJS uses GraphQL to source contentWho this book is for This book is for web developers looking to implement Jamstack practically. JavaScript developers who want to build modern speedy and secure web apps will also find this book useful. Familiarity with JavaScript and Database programming is assumed.
Cloud Native Microservices with Spring and Kubernetes
Author: Rajiv Srivastava
Publisher: BPB Publications
ISBN: 9390684315
Category : Computers
Languages : en
Pages : 427
Book Description
Build and deploy scalable cloud native microservices using the Spring framework and Kubernetes. KEY FEATURES ● Complete coverage on how to design, build, run, and deploy modern cloud native microservices. ● Includes numerous sample code exercises on microservices, Spring and Kubernetes. ● Develop a stronghold on Kubernetes, Spring, and the microservices architecture. ● Complete guide of application containerization on Kubernetes containers. ● Coverage on managing modern applications and infrastructure using observability tools. DESCRIPTION The main objective of this book is to give an overview of cloud native microservices, their architecture, design patterns, best practices, real use cases and practical coverage of modern applications. This book covers a strong understanding of the fundamentals of microservices, API first approach, Testing, observability, API Gateway, Service Mesh and Kubernetes alternatives of Spring Cloud. This book covers the implementation of various design patterns of developing cloud native microservices using Spring framework docker and Kubernetes libraries. It covers containerization concepts and hands-on lab exercises like how to build, run and manage microservices applications using Kubernetes. After reading this book, the readers will have a holistic understanding of building, running, and managing cloud native microservices applications on Kubernetes containers. WHAT YOU WILL LEARN ● Learn fundamentals of microservice and design patterns. ● Learn microservices development using Spring Boot and Kubernetes. ● Learn to develop reactive, event-driven, and batch microservices. ● Perform end-to-end microservices testing using Cucumber. ● Implement API gateway,authentication & authorization,load balancing, caching, rate limiting. ● Learn observability and monitoring techniques of microservices. WHO THIS BOOK IS FOR This book is for the Spring Developers, Microservice Developers, Cloud Engineers, DevOps Consultants, Technical Architect and Solution Architects, who have some familiarity with application development, Docker and Kubernetes containers. TABLE OF CONTENTS 1. Overview of Cloud Native microservices 2. Microservice design patterns 3. API first approach 4. Build microservices using the Spring Framework 5. Batch microservices 6. Build reactive and event-driven microservices 7. The API gateway, security, and distributed caching with Redis 8. Microservices testing and API mocking 9. Microservices observability 10. Containers and Kubernetes overview and architecture 11. Run microservices on Kubernetes 12. Service Mesh and Kubernetes alternatives of Spring Cloud
Publisher: BPB Publications
ISBN: 9390684315
Category : Computers
Languages : en
Pages : 427
Book Description
Build and deploy scalable cloud native microservices using the Spring framework and Kubernetes. KEY FEATURES ● Complete coverage on how to design, build, run, and deploy modern cloud native microservices. ● Includes numerous sample code exercises on microservices, Spring and Kubernetes. ● Develop a stronghold on Kubernetes, Spring, and the microservices architecture. ● Complete guide of application containerization on Kubernetes containers. ● Coverage on managing modern applications and infrastructure using observability tools. DESCRIPTION The main objective of this book is to give an overview of cloud native microservices, their architecture, design patterns, best practices, real use cases and practical coverage of modern applications. This book covers a strong understanding of the fundamentals of microservices, API first approach, Testing, observability, API Gateway, Service Mesh and Kubernetes alternatives of Spring Cloud. This book covers the implementation of various design patterns of developing cloud native microservices using Spring framework docker and Kubernetes libraries. It covers containerization concepts and hands-on lab exercises like how to build, run and manage microservices applications using Kubernetes. After reading this book, the readers will have a holistic understanding of building, running, and managing cloud native microservices applications on Kubernetes containers. WHAT YOU WILL LEARN ● Learn fundamentals of microservice and design patterns. ● Learn microservices development using Spring Boot and Kubernetes. ● Learn to develop reactive, event-driven, and batch microservices. ● Perform end-to-end microservices testing using Cucumber. ● Implement API gateway,authentication & authorization,load balancing, caching, rate limiting. ● Learn observability and monitoring techniques of microservices. WHO THIS BOOK IS FOR This book is for the Spring Developers, Microservice Developers, Cloud Engineers, DevOps Consultants, Technical Architect and Solution Architects, who have some familiarity with application development, Docker and Kubernetes containers. TABLE OF CONTENTS 1. Overview of Cloud Native microservices 2. Microservice design patterns 3. API first approach 4. Build microservices using the Spring Framework 5. Batch microservices 6. Build reactive and event-driven microservices 7. The API gateway, security, and distributed caching with Redis 8. Microservices testing and API mocking 9. Microservices observability 10. Containers and Kubernetes overview and architecture 11. Run microservices on Kubernetes 12. Service Mesh and Kubernetes alternatives of Spring Cloud
Enterprise Java Microservices
Author: Kenneth Finnigan
Publisher: Simon and Schuster
ISBN: 1638355967
Category : Computers
Languages : en
Pages : 395
Book Description
Summary Enterprise Java Microservices is an example-rich tutorial that shows how to design and manage large-scale Java applications as a collection of microservices. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology Large applications are easier to develop and maintain when you build them from small, simple components. Java developers now enjoy a wide range of tools that support microservices application development, including right-sized app servers, open source frameworks, and well-defined patterns. Best of all, you can build microservices applications using your existing Java skills. About the Book Enterprise Java Microservices teaches you to design and build JVM-based microservices applications. You'll start by learning how microservices designs compare to traditional Java EE applications. Always practical, author Ken Finnigan introduces big-picture concepts along with the tools and techniques you'll need to implement them. You'll discover ecosystem components like Netflix Hystrix for fault tolerance and master the Just enough Application Server (JeAS) approach. To ensure smooth operations, you'll also examine monitoring, security, testing, and deploying to the cloud. What's inside The microservices mental model Cloud-native development Strategies for fault tolerance and monitoring Securing your finished applications About the Reader This book is for Java developers familiar with Java EE. About the Author Ken Finnigan leads the Thorntail project at Red Hat, which seeks to make developing microservices for the cloud with Java and Java EE as easy as possible. Table of Contents PART 1 MICROSERVICES BASICS Enterprise Java microservices Developing a simple RESTful microservice Just enough Application Server for microservices Microservices testing Cloud native development PART 2 - IMPLEMENTING ENTERPRISE JAVA MICROSERVICES Consuming microservices Discovering microservices for consumption Strategies for fault tolerance and monitoring Securing a microservice Architecting a microservice hybrid Data streaming with Apache Kafka
Publisher: Simon and Schuster
ISBN: 1638355967
Category : Computers
Languages : en
Pages : 395
Book Description
Summary Enterprise Java Microservices is an example-rich tutorial that shows how to design and manage large-scale Java applications as a collection of microservices. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology Large applications are easier to develop and maintain when you build them from small, simple components. Java developers now enjoy a wide range of tools that support microservices application development, including right-sized app servers, open source frameworks, and well-defined patterns. Best of all, you can build microservices applications using your existing Java skills. About the Book Enterprise Java Microservices teaches you to design and build JVM-based microservices applications. You'll start by learning how microservices designs compare to traditional Java EE applications. Always practical, author Ken Finnigan introduces big-picture concepts along with the tools and techniques you'll need to implement them. You'll discover ecosystem components like Netflix Hystrix for fault tolerance and master the Just enough Application Server (JeAS) approach. To ensure smooth operations, you'll also examine monitoring, security, testing, and deploying to the cloud. What's inside The microservices mental model Cloud-native development Strategies for fault tolerance and monitoring Securing your finished applications About the Reader This book is for Java developers familiar with Java EE. About the Author Ken Finnigan leads the Thorntail project at Red Hat, which seeks to make developing microservices for the cloud with Java and Java EE as easy as possible. Table of Contents PART 1 MICROSERVICES BASICS Enterprise Java microservices Developing a simple RESTful microservice Just enough Application Server for microservices Microservices testing Cloud native development PART 2 - IMPLEMENTING ENTERPRISE JAVA MICROSERVICES Consuming microservices Discovering microservices for consumption Strategies for fault tolerance and monitoring Securing a microservice Architecting a microservice hybrid Data streaming with Apache Kafka
API Security in Action
Author: Neil Madden
Publisher: Manning
ISBN: 1617296023
Category : Computers
Languages : en
Pages : 574
Book Description
API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. Summary A web API is an efficient way to communicate with an application or service. However, this convenience opens your systems to new security risks. API Security in Action gives you the skills to build strong, safe APIs you can confidently expose to the world. Inside, you’ll learn to construct secure and scalable REST APIs, deliver machine-to-machine interaction in a microservices architecture, and provide protection in resource-constrained IoT (Internet of Things) environments. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology APIs control data sharing in every service, server, data store, and web client. Modern data-centric designs—including microservices and cloud-native applications—demand a comprehensive, multi-layered approach to security for both private and public-facing APIs. About the book API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. When you’re done, you’ll be able to create APIs that stand up to complex threat models and hostile environments. What's inside Authentication Authorization Audit logging Rate limiting Encryption About the reader For developers with experience building RESTful APIs. Examples are in Java. About the author Neil Madden has in-depth knowledge of applied cryptography, application security, and current API security technologies. He holds a Ph.D. in Computer Science. Table of Contents PART 1 - FOUNDATIONS 1 What is API security? 2 Secure API development 3 Securing the Natter API PART 2 - TOKEN-BASED AUTHENTICATION 4 Session cookie authentication 5 Modern token-based authentication 6 Self-contained tokens and JWTs PART 3 - AUTHORIZATION 7 OAuth2 and OpenID Connect 8 Identity-based access control 9 Capability-based security and macaroons PART 4 - MICROSERVICE APIs IN KUBERNETES 10 Microservice APIs in Kubernetes 11 Securing service-to-service APIs PART 5 - APIs FOR THE INTERNET OF THINGS 12 Securing IoT communications 13 Securing IoT APIs
Publisher: Manning
ISBN: 1617296023
Category : Computers
Languages : en
Pages : 574
Book Description
API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. Summary A web API is an efficient way to communicate with an application or service. However, this convenience opens your systems to new security risks. API Security in Action gives you the skills to build strong, safe APIs you can confidently expose to the world. Inside, you’ll learn to construct secure and scalable REST APIs, deliver machine-to-machine interaction in a microservices architecture, and provide protection in resource-constrained IoT (Internet of Things) environments. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology APIs control data sharing in every service, server, data store, and web client. Modern data-centric designs—including microservices and cloud-native applications—demand a comprehensive, multi-layered approach to security for both private and public-facing APIs. About the book API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. When you’re done, you’ll be able to create APIs that stand up to complex threat models and hostile environments. What's inside Authentication Authorization Audit logging Rate limiting Encryption About the reader For developers with experience building RESTful APIs. Examples are in Java. About the author Neil Madden has in-depth knowledge of applied cryptography, application security, and current API security technologies. He holds a Ph.D. in Computer Science. Table of Contents PART 1 - FOUNDATIONS 1 What is API security? 2 Secure API development 3 Securing the Natter API PART 2 - TOKEN-BASED AUTHENTICATION 4 Session cookie authentication 5 Modern token-based authentication 6 Self-contained tokens and JWTs PART 3 - AUTHORIZATION 7 OAuth2 and OpenID Connect 8 Identity-based access control 9 Capability-based security and macaroons PART 4 - MICROSERVICE APIs IN KUBERNETES 10 Microservice APIs in Kubernetes 11 Securing service-to-service APIs PART 5 - APIs FOR THE INTERNET OF THINGS 12 Securing IoT communications 13 Securing IoT APIs