- Series: Expert's Voice in .NET
- Paperback: 416 pages
- Publisher: Apress; 1st ed. edition (March 29, 2013)
- Language: English
- ISBN-10: 1430257822
- ISBN-13: 978-1430257820
- Product Dimensions: 7.5 x 1 x 9.2 inches
- Shipping Weight: 2 pounds (View shipping rates and policies)
- Average Customer Review: 4.8 out of 5 stars See all reviews (23 customer reviews)
- Amazon Best Sellers Rank: #618,258 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Pro ASP.NET Web API Security: Securing ASP.NET Web API (Expert's Voice in .NET) 1st ed. Edition
Use the Amazon App to scan ISBNs and compare prices.
See the Best Books of 2017 So Far
Looking for something great to read? Browse our editors' picks for the best books of the year so far in fiction, nonfiction, mysteries, children's books, and much more.
Frequently bought together
Customers who bought this item also bought
Browse award-winning titles. See more
If you are a seller for this product, would you like to suggest updates through seller support?
Top customer reviews
Far and away, my favorite part about this book is the depth to which it explains the technologies that underlie both ASP.NET Web API (namely HTTP) and security, for example X.509 certificates, Federation services, hashing, digital signing and encryption. At every step of the way real code is presented to either use the facilities described or to implement the services in question (even though the implementations are sometimes just for illustration, and not full implementations of production quality systems).
I would flat-out recommend this book to anyone who needs or would like to learn about web technology security. Although you'll have to put up with a little Web API material you might not be specifically interested in, 90% of the book is relevant to all web programming. And even if you aren't interested much in Web API - read it cover to cover anyway. The essence of RESTful web services is leveraging the power of HTTP - which underlies most web related programming I've encountered. And even though the book doesn't specifically address technologies like JSON, CORS, ETags and Cookies, their role in web programming is illuminated though the context of securing Web API, which should help the reader understand these and other subject from a perspective not always addressed in other sources.
Let me stress - much of this book is not specific to Web API. In fact, if you only wanted to secure a web-enabled application of any type, most of this book applies to what you're trying to do. That having been said, if you do need to work on a Web API application, you'll find everything you need right here.
I can tell you that before reading this book, I had played with OAuth 2.0 to the point of even getting an application talking to LinkedIn. Now I understand what I was doing.
I recommend this book for anyone:
- Somewhat experienced with C#. You won't get anything out of the code samples unless you know C# to at least be able to read the syntax. The author explains the code samples extensively, so this isn't an absolute requirement, but it'll help you get the most out of the book.
- Interested in learning more in depth about web programming having done some.
- Interested in ASP.NET Web API, but willing to learn about the platform itself from other sources.
- Interested in computer security in general, or specifically in the securing of web applications (beyond even Web API).
- Interested in RESTful web services (although if you hate security, you won't find the bulk of the book to be useful).
- Thinking about integrating cloud type software with other software, and how you can go about providing authentication and authorization across the cloud boundaries.
I don't recommend this book for someone:
- Totally unfamiliar with C#.
- Completely new to web programming.
- Considering her/himself to be an expert on web security topics, and wants to become an expert Web API application designer. You won't be learning about how to put together a Web API, just how to secure it.
Negatives for the book:
The index isn't very good, or at least, after I read the book and I wanted to reread about a specific topic, I had to find it myself by context matching with the table of contents. The index never listed the items I wanted to review.
There is a lot of code. The author does as good a job as I've seen explaining what each snippet does and how it's important, but still there are a few places where page after page of code is presented. Still, my preference is to only get the really important lines of code so that I can focus on the topic at hand, and not have to mentally trace variables from method listing to method listing. Some folks might prefer it this way, but I think it muddies up an otherwise good read.
Even if ASP.NET Web Api isn't your method of choice for creating JSON/XML and RESTful services, there is so much to take away from this book. It's an absolute buy and a pleasure to read.
A wonderful overview of how to secure Asp.net Web API. I appreciated the ground up approach to the book. At first I felt like there was a lot of unrelated material being covered (because I was mainly interested in the OAuth 2.0 workflows), but in the end the material covered was so well put together - each chapter built on the previous chapter.
A very well written book - one of the top security books I have read recently.
Also I loved the addition of chapter 15 - a 2013 OWASP list of the top 10 security vulnerabilities and how they relate to ASP.NET Web API - I didn't see that coming a great way to end the book.
I ordered another book along with this one "ASP.NET Web API 2: Building a REST Service from Start to Finish" & was planning to read this before hand, but I taught me everything except WebAPI, But when I started WebAPI Security book, I was so happy that finally there is a book which takes you inside the concepts and you use as a reference your entire life.