Web API v2 Security with Dominick Baier

WEBRip | English | MP4 + Project Files | 1024 x 768 | AVC ~487 kbps | 15 fps

AAC | 128 Kbps | 44.1 KHz | 2 channels | 6h 12mn | 1.11 GB

Genre: Video Tutorial / Development, Programming

Implementing Authentication and Authorization in ASP.NET Web API v2. The main feature focus of ASP.NET Web API v2 was security. There's a brand new authentication system with built-in support for popular authentication methods, like OAuth2 tokens. Additionally, it is now much easier to use Web APIs from JavaScript clients, and the new security extensibility gives you powerful features to integrate your APIs into arbitrary security systems.

Content:

Overview

Overview

HTTP Security Primer

Overview

Transport Security

X.509 Certificates

SSL Handshake

Developers and SSL

Where to get Certificates from

Creating Certificates

Demo. Building an SSL Development Environment

Demo. Command Line Tools and Self-hosting

Demo. Fiddler and SSL Tracing

Validating Certificates using .NET APIs

Resources

ASP.NET Web API Security Architecture

Overview

The Security Pipeline

OWIN-Katana Hosting

OWIN Middleware

Message Handler

Authentication Filter

Authorization Filter

Accessing Client Identity

Demo. Security Pipeline

Demo. Hosting Options

Summary

Resources

Classic Authentication and Katana Authentication Middleware

Overview

Windows Authentication

Demo. Windows Authentication

Basic Authentication

Excursion. Katana Authentication Middleware

Demo. Basic Authentication

X.509 Client Certificates

Demo. Client Certificates and Combining Authentication Methods

Demo. Self Hosting

Summary

JavaScript and Browser-based Clients

Overview

Same Origin Policy

Implicit Browser Authentication

Cross Site Request Forgery (CSRF)

CSRF Mitigation

Demo. Implicit Authentication and CSRF

Demo. CSRF Mitigation using Anti-Forgery Tokens

Cross Origin Resource Sharing (CORS)

Demo. CORS support in Web API

Summary

Token-based Authentication - Part I

Overview

Modern Applications

Requirement and Complexity

OAuth2

Authorization Servers

Demo. Thinktecture AuthorizationServer

Trusted Applications

Demo. Resource Owner Credential Flow

Adding Refresh Tokens

Demo. Adding Refresh Tokens

Demo. AuthorizationServer and Resource Owner Flow

Excursion. JSON Web Tokens

Token-based Authentication - Part II

Native or Browser-based Clients

Implicit Flow

Confidential Clients

Demo. Authorization Code Flow

Federation and Delegation

Demo. Assertion Flow

Summary

Resources

Authorization

Overview

Client vs. User Authorization

Authorization Options

AuthorizeAttribute Usage and Internals

Custom Authorization Logic

Imperative Authorization

Demo. Authorization

Summary

Published: 2015-10-05