Book Image

Restful Java Web Services Security

By : René Enríquez
Book Image

Restful Java Web Services Security

By: René Enríquez

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Restful Java Web Services Security
René Enríquez
Jul, 2014 | 144 pages
No titles found
Table of Contents (12 chapters)
RESTful Java Web Services Security
RESTful Java Web Services Security
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Setting Up the Environment
Setting Up the Environment
Downloading tools
Creating the base project
First functional example
Summary
2
The Importance of Securing Web Services
The Importance of Securing Web Services
The importance of security
Security management options
API keys
Summary
3
Security Management with RESTEasy
Security Management with RESTEasy
Fine-grained and coarse-grained security
Summary
4
RESTEasy Skeleton Key
RESTEasy Skeleton Key
OAuth protocol
OAuth and RESTEasy Skeleton Key
SSO configuration for security management
OAuth token via Basic Auth
Custom filters
Summary
5
Digital Signatures and Encryption of Messages
Digital Signatures and Encryption of Messages
Digital signatures
Message body encryption
Summary
Index
Index

Digital signatures

Digital signatures, nowadays, are a widely used mechanism. They are mainly used to sign digital documents and issue electronic invoices, among other things.

Among the benefits of using them are the following:

  • They allow the receiver to obtain the identity of whoever has made the signature.

  • They provide the ability to verify that the information sent has not been altered since it has been signed by the issuer.

In order to electronically sign the information that we will exchange through RESTful web services, we will use the authentication mechanism known as DomainKeys Identified Mail (DKIM), which allows us to decorate messages with headers using the rules dictated by the DOSETA specification. This authentication mechanism is mainly used for e-mail identity verification; however, it also works over other protocols such as HTTP, and it is because of this fact we can integrate it with RESTful web services. Thus, we will inject metadata into our messages with the purpose of signing...

Previous Section
End of Section 2
Next Section