Secure File-Sharing APIs

Harden File Transferring

This free project is part of the liveProject series Secure File-Sharing APIs with AWS S3
basics of Java Spring Boot • basics of AWS S3
skills learned
build REST APIs • mitigate file upload vulnerabilities • configure security features in AWS S3
Sashank Dara
1 week · 6-8 hours per week · BEGINNER


You’re a developer for ShareSafe, a company whose customers can upload personal documents, photos, and videos onto ShareSafe’s website using APIs. Your task is to enable ShareSafe’s users to share their files with others. Using Java Spring Boot, you’ll build a simple file transfer REST API service that supports uploading and downloading of files, and you’ll identify and tackle the file upload vulnerabilities of your REST API service. For backend file storage, you’ll implement Amazon Simple Storage Service (AWS S3). Finally, you’ll harden your service against the most common vulnerabilities by configuring and implementing AWS S3 encryption and access-management features. When you’re finished, you’ll have built a file transfer service that provides high scalability, durability, encryption, and backups, and allows your users to share their files with ease.

project author

Sashank Dara

Sashank Dara received his PhD in cybersecurity from IIIT-Bangalore in the area of applied cryptography and threat intelligence. He’s an expert cybersecurity technologist with more than 17 years of experience in the field, including as a consultant advisor for Manipal Global Education Services’ cybersecurity programs and as a security technology and strategy advisor for security startups including Appknox, Haltdos, and He remains a trusted information security consultant and advisor for top companies in EdTech, IT/ITes, academia, and real estate. He’s the co-inventor of 5 U.S. patents (and 3 IETF drafts) in the areas of cloud, SDN, and NFV security, and he’s published more than a dozen research papers at IEEE, LNCS conferences in the areas of cloud security, privacy, cryptography, and threat intelligence. A prolific speaker at security conferences and invited talks, Dara is currently the CTO and co-founder of Seconize, an award-winning cybersecurity startup pioneering a cyber risk and compliance management SaaS product suite.


This liveProject is for programmers familiar with basic REST APIs and Java who are interested in learning to build a simple and secure file-sharing API service. To begin this liveProject, you’ll need to be familiar with the following:

  • Basics of Java
  • Basics of Spring
  • Basics of JDBC
  • Basics of AWS S3
  • Testing APIs via Postman
  • Command line basics of any Linux-hosted system
  • Basic debugging
  • Code reviews
  • Code refactoring
  • Unit testing
  • Security testing

you will learn

In this liveProject, you’ll learn to build a simple file-sharing service and harden it against common vulnerabilities, using secure coding and testing practices.

  • Understand the ShareSafe API specified in OpenAPI Specification 3.0 using Swagger
  • Understand the shared responsibility model of Cloud Security
  • Set up the environment to implement the API specification provided using Java Spring
  • Use AWS S3 Java SDK and APIs for a cloud-based file storage service
  • Implement basic file upload and download in a REST API service
  • Identify and mitigate file upload vulnerabilities
  • Test the functionality of the reference API implementation using Postman


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.