eBook Pro ASP.NET Web API Security, 1st Edition

  • Published By:
  • ISBN-10: 1430257830
  • ISBN-13: 9781430257837
  • DDC: 005.2762
  • Grade Level Range: College Freshman - College Senior
  • 416 Pages | eBook
  • Original Copyright 2013 | Published/Released June 2014
  • This publication's content originally published in print form: 2013
  • Price:  Sign in for price



ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP.With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols you’re familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with.Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with - if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.

Table of Contents

Front Cover.
Title Page.
Copyright Page.
Contents at a Glance.
About the Author.
About the Technical Reviewer.
1: Introduction.
2: Welcome to ASP.NET Web API.
3: Building RESTful Services.
4: Extensibility Points.
5: HTTP Anatomy and Security.
6: Identity Management.
7: Encryption and Signing.
8: Custom STS through WIF.
9: Knowledge Factors.
10: Ownership Factors.
11: Web Tokens.
12: OAuth 2.0 Using Live Connect API.
13: OAuth 2.0 from the Ground Up.
14: OAuth 2.0 Using DotNetOpenAuth.
15: Two-Factor Authentication.
16: Security Vulnerabilities.
ASP.NET Web API Security Distilled.