Take the security of your ASP.NET Web API to the next level using some of the most amazing security techniques aroundAbout This Book
Who This Book Is For
This book is intended for anyone who has previous knowledge of developing ASP.NET Web API applications. Good working knowledge and experience with C# and.NET Framework are prerequisites for this book.What You Will Learn
In Detail
This book incorporates the new features of ASP.NET Web API 2 that will help you to secure an ASP.NET Web API and make a well-informed decision when choosing the right security mechanism for your security requirements.
We start by showing you how to set up a browser client to utilize ASP.NET Web API services. We then cover ASP.NET Web API's security architecture, authentication, and authorization to help you secure a web API from unauthorized users. Next, you will learn how to use SSL with ASP.NET Web API, including using SSL client certificates, and integrate the ASP.NET Identity system with ASP.NET Web API.
We'll show you how to secure a web API using OAuth2 to authenticate against a membership database using OWIN middleware. You will be able to use local logins to send authenticated requests using OAuth2. We also explain how to secure a web API using forms authentication and how users can log in with their Windows credentials using integrated Windows authentication. You will come to understand the need for external authentication services to enable OAuth/OpenID and social media authentication. We'll then help you implement anti-Cross-Site Request Forgery (CSRF) measures in ASP.NET Web API.
Finally, you will discover how to enable Cross-Origin Resource Sharing (CORS) in your web API application.Style and approach
Each chapter is dedicated to a specific security technique, in a task-based and easy-to-follow way. Most of the chapters are accompanied with source code that demonstrates the step-by-step guidelines of implementing the technique, and includes an explanation of how each technique works.
