
Showing posts from May, 2016

Building Secure RESTful Webservices

Recently I delivered a webinar on "Building Secure RESTful Webservices" on Techgig, which received very good feedback based on the Techgig survey. The webinar column was published on Gizmodo India as well.

Here is a list of key takeaways from the webinar:

- How HTTPS works in detail and how to implement HTTP BASIC Authentication.
- What Mutual SSL Authentication is and how to implement it.
- What kind of damage can be done with security attacks like Man in the Middle and Replay Attack.
- Authenticating a user without passing credentials over the wire.
- Preventing Man in the Middle attacks using signature verification.
- Preventing Replay Attacks using a timestamp and a cryptographic nonce.
- What OAuth 1a and OAuth 2 are.

The code samples (written in Java) related to this webinar can be found at:

https://github.com/abhilshit/bookstore
https://github.com/abhilshit/bookstore-client

I am embedding the webinar recording for quick access below.

Building Secure RESTful Web