Authentication for APIs

Authorization you own this product

This project is part of the liveProject series Authentication, Authorization, and Audit Management for APIs

prerequisites: basics of Java, Spring, and debugging
skills learned: understanding an API specified in Open API Specification 3.0 • authorizing requests based on user role • access control testing

Sashank Dara

1 week · 6-8 hours per week · BEGINNER

filed under

Development

try now

placing your order...

Don't refresh or navigate away from the page.

liveProject

$19.99

liveProject This project is part of the liveProject series Authentication, Authorization, and Audit Management for APIs liveProjects give you the opportunity to learn new skills by completing real-world challenges in your local development environment. Solve practical problems, write working code, and analyze real data—with liveProject, you learn by doing. These self-paced projects also come with full liveBook access to select books for 90 days plus permanent access to other select Manning products. $19.99 $29.99 you save $10 (33%)

get all Manning content with a subscription

Authorization (liveProject) added to cart

continue shopping adding to cart

continue shopping

adding to cart

choose your plan

pro

monthly

annual

$24.99

$249.99
only $20.83 per month

share your subscription with one other person
access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose another free eBook every time you renew
choose twelve free eBooks per year
exclusive 50% discount on all purchases
Authorization eBook for free

team

monthly

annual

$49.99

$499.99
only $41.67 per month

five seats for your team
access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose another free eBook every time you renew
choose twelve free eBooks per year
exclusive 50% discount on all purchases
Authorization eBook for free

more seats?

Look inside

In this liveProject, you’ll implement HTTP authentication so that leave requests can be authorized based on user role. You will set up three Role Based Access Control (RBAC) functionalities for the REST API. The first RBAC will allow a reportee user account to access its own leave requests while keeping other data secure. The second RBAC will allow managers to see all the leave requests of employees they are responsible for. Finally, you’ll establish an RBAC for approving leave requests.

This liveProject was implemented by Natan Streppel.

This project is designed for learning purposes and is not a complete, production-ready application or solution.

book resources

When you start your liveProject, you get full access to the following books for 90 days.

project author

Sashank Dara

Sashank Dara received his PhD in cybersecurity from IIIT-Bangalore in the area of applied cryptography and threat intelligence. He’s an expert cybersecurity technologist with more than 17 years of experience in the field, including as a consultant advisor for Manipal Global Education Services’ cybersecurity programs and as a security technology and strategy advisor for security startups including Appknox, Haltdos, and SecurityJourney.com. He remains a trusted information security consultant and advisor for top companies in EdTech, IT/ITes, academia, and real estate. He’s the co-inventor of 5 U.S. patents (and 3 IETF drafts) in the areas of cloud, SDN, and NFV security, and he’s published more than a dozen research papers at IEEE, LNCS conferences in the areas of cloud security, privacy, cryptography, and threat intelligence. A prolific speaker at security conferences and invited talks, Dara is currently the CTO and co-founder of Seconize, an award-winning cybersecurity startup pioneering a cyber risk and compliance management SaaS product suite.

prerequisites

The liveProject is for Java programmers familiar with the basics of REST APIs. To begin this project you will need to be familiar with:

TOOLS

Basics of Java, min. version 11 (classes, interfaces)
Basics of Spring MVC (POST of GET requests)
Basics of JDBC or Spring Data (insert or retrieve data from a database)
Java IDEs such as Eclipse or IntelliJ IDEA
Testing APIs via Postman
Gradle, min. version 6.4.1
Docker, min. version 17.03, and Docker Compose, min. version 1.22.0
Git

TECHNIQUES

Basic debugging
Code reviews
Code refactoring
Unit testing
Security testing

you will learn

In this series of liveProjects, you’ll learn how to add essential security features to a REST API.

Understanding an API specified in Open API Specification 3.0 using Swagger
Setting up an environment to implement the API specification provided using Java Spring
Authorizing requests based on user role
Testing the functionality of the reference API implementation using Postman
Access control testing

features

Self-paced: You choose the schedule and decide how much time to invest as you build your project.
Project roadmap: Each project is divided into several achievable steps.
Get Help: While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others: For each step, compare your deliverable to the solutions by the author and other participants.
book resources: Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.