What do you think?
Rate this book
RESTful Java Web Services Security by Enríquez, René, Salazar C., Andrés (2014) Paperback
Excellent Book
Paperback
First published January 1, 2014
4 people are currently reading
2 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 2 of 2 reviews
January 30, 2015
RESTful APIs have been the driving force over the last few years to enable a wide range of client applications (mobile or web). Given the world that we live today, securing these endpoints is critical due to the potential damage that the attacker could cause if the endpoints are not secured enough. Material on securing REST services on the web is few and far between.
Packt Pub’s book is catered to address this important topic of security vis-a-vis RESTful Java Web Services. Here are the highlights of the book:
The book begins by setting up the development environment and the basic sample application. It focuses on JBOSS and the RESTEasy implementation and the idea is to get your REST Service functional and running. This is a simple and effective approach in my opinion.
The next chapter focuses on various security basics that include authentication, authorization and then Basic and Certificate based authentication. It provides an overview of API Keys for security too.
The next 3 chapters are focused on RESTEasy and the mechanisms that it has for security your API Endpoints. The coverage includes use of Annotations and programmatic implementation of security. Other topics include OAuth, Digital Signatures and message body encryption.
I particularly liked the methodical approach of covering different areas of security. Not all of these mechanisms will apply to your implementation and hence it is good to look at them separately.
If you looking for a good overview of REST Security concepts and if JBOSS/RESTEasy are your tools of choice, this is a good book.
Packt Pub’s book is catered to address this important topic of security vis-a-vis RESTful Java Web Services. Here are the highlights of the book:
The book begins by setting up the development environment and the basic sample application. It focuses on JBOSS and the RESTEasy implementation and the idea is to get your REST Service functional and running. This is a simple and effective approach in my opinion.
The next chapter focuses on various security basics that include authentication, authorization and then Basic and Certificate based authentication. It provides an overview of API Keys for security too.
The next 3 chapters are focused on RESTEasy and the mechanisms that it has for security your API Endpoints. The coverage includes use of Annotations and programmatic implementation of security. Other topics include OAuth, Digital Signatures and message body encryption.
I particularly liked the methodical approach of covering different areas of security. Not all of these mechanisms will apply to your implementation and hence it is good to look at them separately.
If you looking for a good overview of REST Security concepts and if JBOSS/RESTEasy are your tools of choice, this is a good book.
February 13, 2015
The "security" need to be a must on every kind of application, but if we plan to expose our applications business logic with RESTful services we need to think two times about secure implementation on that layer.
The book is a great introduction to the security of the RESTful system, drives the programmer to implement different layers of security, from the user authentication and authorization to the encryption and signature of the payload. It is also a good quick reference for every developer that need to implement OAuth and/or digital signature of the data.
What I didn't liked on the book that is too much tight to RESTeasy implementation, I hope in the future editions to see also some references to the Jersey implementation!
At the end is a good book and if you're working on RESTful Java project you need to read it!
The book is a great introduction to the security of the RESTful system, drives the programmer to implement different layers of security, from the user authentication and authorization to the encryption and signature of the payload. It is also a good quick reference for every developer that need to implement OAuth and/or digital signature of the data.
What I didn't liked on the book that is too much tight to RESTeasy implementation, I hope in the future editions to see also some references to the Jersey implementation!
At the end is a good book and if you're working on RESTful Java project you need to read it!
Displaying 1 - 2 of 2 reviews