MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious

Web API v2 Security

Course Summary

The main feature focus of ASP.NET Web API v2 was security. There's a brand new authentication system and support for popular authentication methods, like OAuth2 tokens, that is already built-in. Additionally, it is now much easier to use Web APIs from Jav


  • +

    Course Syllabus

    ● Overview
        ◦ Overview
    ● HTTP Security Primer
        ◦ Overview
        ◦ Transport Security
        ◦ X.509 Certificates
        ◦ SSL Handshake
        ◦ Developers and SSL
        ◦ Where to get Certificates from?
        ◦ Creating Certificates
        ◦ Demo: Building an SSL Development Environment
        ◦ Demo: Command Line Tools and Self-hosting
        ◦ Demo: Fiddler and SSL Tracing
        ◦ Validating Certificates using .NET APIs
        ◦ Resources
    ● ASP.NET Web API Security Architecture
        ◦ Overview
        ◦ The Security Pipeline
        ◦ OWIN/Katana Hosting
        ◦ OWIN Middleware
        ◦ Message Handler
        ◦ Authentication Filter
        ◦ Authorization Filter
        ◦ Accessing Client Identity
        ◦ Demo: Security Pipeline
        ◦ Demo: Hosting Options
        ◦ Summary
        ◦ Resources
    ● Classic Authentication and Katana Authentication Middleware
        ◦ Overview
        ◦ Windows Authentication
        ◦ Demo: Windows Authentication
        ◦ Basic Authentication
        ◦ Excursion: Katana Authentication Middleware
        ◦ Demo: Basic Authentication
        ◦ X.509 Client Certificates
        ◦ Demo: Client Certificates and Combining Authentication Methods
        ◦ Demo: Self Hosting
        ◦ Summary
    ● JavaScript and Browser-based Clients
        ◦ Overview
        ◦ Same Origin Policy
        ◦ Implicit Browser Authentication
        ◦ Cross Site Request Forgery (CSRF)
        ◦ CSRF Mitigation
        ◦ Demo: Implicit Authentication and CSRF
        ◦ Demo: CSRF Mitigation using Anti-Forgery Tokens
        ◦ Cross Origin Resource Sharing (CORS)
        ◦ Demo: CORS support in Web API
        ◦ Summary
    ● Token-based Authentication - Part 1
        ◦ Overview
        ◦ Modern Applications
        ◦ Requirements and Complexity
        ◦ OAuth2
        ◦ Authorization Servers
        ◦ Demo: Thinktecture AuthorizationServer
        ◦ Trusted Applications
        ◦ Demo: Resource Owner Credential Flow
        ◦ Adding Refresh Tokens
        ◦ Demo: Adding Refresh Tokens
        ◦ Demo: AuthorizationServer and Resource Owner Flow
        ◦ Excursion: JSON Web Tokens
    ● Token-based Authentication - Part 2
        ◦ Native or Browser-based Clients
        ◦ Demo: Implicit Flow
        ◦ Confidential Clients
        ◦ Demo: Authorization Code Flow
        ◦ Federation and Delegation
        ◦ Demo: Assertion Flow
        ◦ Summary
        ◦ Resources
    ● Authorization
        ◦ Overview
        ◦ Client vs. User Authorization
        ◦ Authorization Options
        ◦ AuthorizeAttribute Usage and Internals
        ◦ Custom Authorization Logic
        ◦ Imperative Authorization
        ◦ Demo: Authorization
        ◦ Summary

     


Course Fee:
USD 29

Course Type:

Self-Study

Course Status:

Active

Workload:

1 - 4 hours / week

Attended this course?

Back to Top

Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url

Back to Top