Building Secure RESTful Webservices

Recently I delivered a webinar on "Building Secure RESTFul Webservices" on Techgig which received a very good feedback based on the Techgig survey. The webinar column was published on Gizmodo India as well.

Here is a list of key takeaways from the webinar

  • How HTTPS work in detail and how to implement HTTP BASIC Authentication.
  • What is Mutual SSL Authentication and how to implement it.
  • What kind of damage can be done with security attacks like Man in the Middle and Replay Attack. 
  • Authenticating user without passing credentials over the wire
  • Preventing Man in the Middle attacks using Signature verification
  • Preventing Replay Attacks using timestamp and cryptographic nonce
  • What are OAuth 1a and OAuth 2

The code samples (written in Java) related to this webinar can be found at 


I am embedding the webinar recording for quick access below.


Building Secure RESTful Web Services from Techgig on Vimeo.


Comments

Post a Comment

Popular posts from this blog

Developing Garmin SmartWatch Apps with ConnectIQ Platform-Part 3

Image
In this third and last part of this tutorial we shall see how to pass the meeting information from the Android app to the SmartWatch app/widget that we developed in part 2 of this tutorial. This part of the tutorial requires some prior knowledge on Android development. If you are in need of a quick android tutorial then you can find it  here . ConnectIQ platform comes with following pre-built mobile SDKs. Android BLE - (actually connects Android app to Smartwatch Apps over BLE) iOS BLE - (connects an iOS mobile app to Smartwatch App over BLE) Android ADB - ( used to simulate BLE connection over ADB) These SDK's  are set of libraries  required to communicate over BLE or to simulate a BLE like connection over ADB (the Android debug bridge). In this part of the tutorial we will look at that Android ADB SDK so that we can simulate the BLE like connection using the emulator in our development environment. You can select and download the Android ADB SDK from the ...
Read more

Developing Garmin SmartWatch Apps with ConnectIQ Platform-Part 1

Image
Recently I was involved in developing apps for Gramin Wearables . Being new to the wearables world I found it relatively easier to develop apps for Garmin Wearables then what I had thought earlier. Hence I would like to share my experience via this blog series. I will take you through the step by step process of developing a simple watch widget that synchronizes with an Android phone's Google Calendar to send out meeting alerts and reminders on your Garmin Watch. Apps for Garmin Wearables are developed using the Garmin ConnectIQ SDK   and are programmed using  Monkey C language  . You are already familiar with Monkey C if you are familiar with languages like Java or Objective C. Introduction to  Monkey C language   highlights the basic difference between other languages and Monkey C. Its a short and precise tutorial, I would suggest to give a quick read in case you are planning to develop apps for Garmin. The Problem Statement Lets say you own an And...
Read more

Getting around with Anaconda License violation while using Conda or Miniconda

Image
If you are a Conda or Miniconda user you might have noticed that installing Anaconda packages via the default channel https://repo.anaconda.com/pkgs/ now requires a commercial license if you are an enterprise . If you are using it for individual purposes or are a startup, you are still able to use it without violating any license. So for eg. if you normally installed conda and miniconda using the installers or any package manager and do a  conda install <package> it by default uses a default package repo channel https://repo.anaconda.com/pkgs/ to download that python package and install it. So you might be violating the licence by using this repo URL as your default channel.  To confirm whether you are violating the license one can issue  conda config --show default_channels     It can be seen that default repo is set to use https://repo.anaconda.com/pkgs/   channel URLs.  To get around this violation there are multiple options. I will list 2 o...
Read more