Summary
In this chapter, we have focused on various security aspects of developing a cloud native application. In the first section, we covered certificate management in a Ballerina application. We discussed securing Ballerina services with HTTPS and mutual SSL. When you are building a cloud application, make sure to validate endpoints with a proper certificate management system. Certificate validation prevents man-in-the-middle attacks and secures cloud applications.
Next, we discussed the different types of authentication and authorization methods for a Ballerina application. We learned what LDAP is and how to set up an LDAP server using Apache DS. The sample program demonstrated how to implement a simple scenario by means of which different users with different access levels access a Ballerina resource function. For this example, we manually added the user information to the LDAP server, but you can have a third-party application to manage the LDAP server.
In the last section...