Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
SOA Patterns with BizTalk 2013, Second Edition

You're reading from   SOA Patterns with BizTalk 2013, Second Edition Learn how to create and implement SOA strategies on the Microsoft technology stack using BizTalk Server 2013 and Azure Integration platforms

Arrow left icon
Product type Paperback
Published in Jun 2015
Publisher
ISBN-13 9781784396466
Length 508 pages
Edition 1st Edition
Arrow right icon
Toc

Table of Contents (16) Chapters Close

Preface 1. Building BizTalk Server 2013 Applications FREE CHAPTER 2. Windows Communication Foundation Primer 3. Using WCF Services in BizTalk Server 2013 4. REST and JSON Support in BizTalk Server 2013 5. Azure BizTalk Services 6. Azure Service Bus 7. Planning Service-oriented BizTalk Solutions 8. Schema and Endpoint Patterns 9. Asynchronous Communication Patterns 10. Orchestration Patterns 11. Versioning Patterns 12. Frameworks and Tools 13. New SOA Capabilities in BizTalk Server 2013 – Azure Hybrid Patterns 14. What's New and What's Next? Index

Security


REST offers no built-in security features, however, there are various options available to secure your API. The right solution will depend on your requirements, but remember that REST is meant to be stateless by nature and you should not rely on session states.

Basic authentication is quite easy to implement, but provides the lowest level of security. Usernames and passwords are normally passed around as encoded base64 strings. You should always use Transport Layer Security (TLS), also known as SSL, to encrypt the channel to ensure that the credentials can not be intercepted and inspected.

API keys are another form of basic authentication as described previously, but instead of using a username/password, a token value is passed around. The key is either placed in the header section of the request or in the URL as a query string. Once again, it is best to use TLS when making use of API keys to guarantee privacy.

OAuth is another authentication process, whereby authentication is handled...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image