RESTful Java Web Services Security

In Detail

This book will serve as a practical companion for you to learn about common vulnerabilities when using RESTful services, and will provide you with indispensable knowledge of the tools you can use to implement and test security on your applications. It will cover the fine details of setting up RESTful services such as implementing RESTEasy and securing transmission protocols such as the OAuth protocol and its integration with RESTEasy. Furthermore, it also explains the implementation of digital signatures and the integration of the Doseta framework with RESTEasy.

With this book, you will be able to design your own security implementation or use a protocol to grant permissions over your RESTful applications with OAuth. You will also gain knowledge about the working of other features such as configuring and verifying HTTP and HTTPS protocols, certificates, and securing protocols for data transmission. By the end of this book, you will have comprehensive knowledge that will help you to detect and solve vulnerabilities.

Approach

A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your own projects.

Who this book is for

This book is intended for web application developers who use RESTful web services to power their websites. Prior knowledge of RESTful is not mandatory, but would be advisable.

213 pages, Kindle Edition

First published January 1, 2014

Community Reviews

5 stars: 1 (33%)
4 stars: 1 (33%)
3 stars: 1 (33%)
2 stars: 0 (0%)
1 star: 0 (0%)
Displaying 1 - 2 of 2 reviews
7 reviews, 3 followers
January 30, 2015
RESTful APIs have been the driving force over the last few years to enable a wide range of client applications (mobile or web). Given the world that we live in today, securing these endpoints is critical due to the potential damage that the attacker could cause if the endpoints are not secured enough. Material on securing REST services on the web is few and far between.

Packt Pub’s book is catered to address this important topic of security vis-a-vis RESTful Java Web Services. Here are the highlights of the book:

The book begins by setting up the development environment and the basic sample application. It focuses on JBOSS and the RESTEasy implementation and the idea is to get your REST Service functional and running. This is a simple and effective approach in my opinion.

The next chapter focuses on various security basics that include authentication, authorization and then Basic and Certificate based authentication. It provides an overview of API Keys for security too.

The next 3 chapters are focused on RESTEasy and the mechanisms that it has for securing your API endpoints. The coverage includes use of annotations and programmatic implementation of security. Other topics include OAuth, digital signatures and message body encryption.

I particularly liked the methodical approach of covering different areas of security. Not all of these mechanisms will apply to your implementation and hence it is good to look at them separately.

If you are looking for a good overview of REST security concepts and if JBOSS/RESTEasy are your tools of choice, this is a good book.

Luca Morettoni
7 reviews
February 13, 2015
"Security" needs to be a must in every kind of application, but if we plan to expose our application's business logic with RESTful services we need to think twice about secure implementation on that layer.
The book is a great introduction to the security of RESTful systems; it drives the programmer to implement different layers of security, from user authentication and authorization to the encryption and signature of the payload. It is also a good quick reference for every developer who needs to implement OAuth and/or digital signatures of the data.
What I didn't like about the book is that it is tied too tightly to the RESTEasy implementation; I hope future editions will also include some references to the Jersey implementation!
In the end it is a good book, and if you're working on a RESTful Java project you need to read it!