Two-Project Series

Role-Based Access Control for APIs Using LDAP

prerequisites
basics of Java, JavaScript, HTML, and CSS
skills learned
implementing basic HTTP authentication with username and password • implementing session management • authorizing requests based on user role • logging requests for auditing purposes
Sashank Dara
2 weeks · 8-10 hours per week average · BEGINNER

In this series of liveProjects, you’ll develop and implement role-based access controls to limit which employees can access a REST API. You’ll step into the shoes of a developer modernizing their company’s personal time-off request application, taking on essential access control tasks such as adding HTTP authentication, securely storing passwords in a database, and authorizing leave requests by employees based on user role. Each liveProject in this series can be tackled by itself or as part of an extended learning course.

These projects are designed for learning purposes and are not complete, production-ready applications or solutions.

here's what's included

Project 1 LDAP RBAC: Authentication

In this liveProject, you’ll add basic HTTP authentication to an API for granting Personal Time Off requests using the Lightweight Directory Access Protocol (LDAP). This application contains sensitive personal information and so its security is essential. You’ll establish authentication that ensures only registered users can access the API and provides login requirements to authenticate users before they get access.

Project 2 LDAP RBAC: Authorization

In this liveProject, you’ll establish functionalities to provide role-based authorization for leave requests made through a Personal Time Off API. Using the Lightweight Directory Access Protocol (LDAP), you’ll set up access controls so that only managers and other authorized users can retrieve non-personal leave records and approve leave requests.


project author

Sashank Dara
Sashank Dara, PhD, is a seasoned cybersecurity technologist and expert. He has over 17 years of extensive experience in cybersecurity R&D. He received his PhD in cybersecurity from IIIT-Bangalore in the area of applied cryptography and threat intelligence. He is co-inventor of five U.S. patents (and 3 IETF drafts) in the areas of cloud, SDN, and NFV security. He is a trusted information security consultant and adviser for top companies in EdTech, IT/ITes, academia, and real estate. Dara has published more than a dozen research papers at IEEE and LNCS conferences in the areas of cloud security, privacy, cryptography, and threat intelligence. He is a prolific speaker at security conferences and in invited talks. He was a consultant advisor with Manipal Global Education Services for its cybersecurity programs. He was a security technology and strategy advisor for security startups including Appknox, Haltdos, and SecurityJourney.com. Dara is currently the CTO and co-founder of Seconize, an award-winning cybersecurity startup pioneering a cyber risk and compliance management SaaS product suite.

Prerequisites

This liveProject series is for Java developers who have read up on the basics of LDAP. To begin this liveProject series, you will need to be familiar with the following:


TOOLS
  • Basics of Java
  • Basics of JavaScript
  • Basics of HTML and CSS
  • Basics of Spring
  • Basics of JDBC
TECHNIQUES
  • Basic debugging
  • Code reviews
  • Code refactoring
  • Unit testing
  • Security testing

you will learn

In this liveProject you will learn to implement session management in line with established standards and best practices.


  • Understanding an API specified in OpenAPI Specification 3.0 using Swagger
  • Setting up the environment to implement the API specification provided using Java Spring
  • Learning the basics of Lightweight Directory Access Protocol (LDAP)
  • Implementing basic HTTP authentication with username and password as per the LDAP protocol
  • Implementing session management as per the LDAP protocol
  • Authorizing requests based on user role as per the LDAP protocol
  • Logging requests for auditing purposes using standard formats
  • Testing the functionality of the reference API implementation using Postman

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products is also included, as well as references to other resources.
includes 2 liveProjects