Pro ASP.NET Web API Security: Securing ASP.NET Web API by Badrinarayanan Lakshmiraghavan
Author:Badrinarayanan Lakshmiraghavan [Lakshmiraghavan, Badrinarayanan]
Language: eng
Format: epub, pdf
Tags: Computers, Programming Languages, Programming, General, C#, Web, Web Programming, Microsoft
ISBN: 9781430257820
Publisher: Apress
Published: 2013-03-27T04:00:00+00:00
if (headers.Authorization != null && headers.Authorization.Scheme.Equals("Saml"))
{
string token = encoding.GetString(
Convert.FromBase64String(headers.Authorization.Parameter));
// Code to use the token goes here
}
return await base.SendAsync(request, cancellationToken);
}
}
It is possible to parse the SAML just like any other XML, but there is a better alternative. We can use a security token handler to read and validate the token. Of course, we need to specify the X.509 certificate used by the STS as encrypting credentials so that the token handler can decrypt it correctly. In Listing 9-15, I use the certificate CN=RP. On a machine running STS, this certificate will contain only the public key. The machine running the web API must have the certificate with the private key. I reuse the extension method ToCertificate that we created in Chapter 6 here to read the certificates. Listing 9-15. Reading a SAML Token
using (var stringReader = new StringReader(token))
{
using (var samlReader = XmlReader.Create(stringReader))
{
var tokenHandlers = SecurityTokenHandlerCollection
.CreateDefaultSecurityTokenHandlerCollection();
SecurityTokenHandlerConfiguration config = tokenHandlers.Configuration;
Download
Pro ASP.NET Web API Security: Securing ASP.NET Web API by Badrinarayanan Lakshmiraghavan.pdf
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Coding Theory | Localization |
Logic | Object-Oriented Design |
Performance Optimization | Quality Control |
Reengineering | Robohelp |
Software Development | Software Reuse |
Structured Design | Testing |
Tools | UML |
Deep Learning with Python by François Chollet(12555)
Hello! Python by Anthony Briggs(9904)
OCA Java SE 8 Programmer I Certification Guide by Mala Gupta(9785)
The Mikado Method by Ola Ellnestam Daniel Brolund(9769)
Dependency Injection in .NET by Mark Seemann(9328)
Algorithms of the Intelligent Web by Haralambos Marmanis;Dmitry Babenko(8282)
Test-Driven iOS Development with Swift 4 by Dominik Hauser(7756)
Grails in Action by Glen Smith Peter Ledbrook(7685)
The Well-Grounded Java Developer by Benjamin J. Evans Martijn Verburg(7550)
Becoming a Dynamics 365 Finance and Supply Chain Solution Architect by Brent Dawson(7002)
Microservices with Go by Alexander Shuiskov(6767)
Practical Design Patterns for Java Developers by Miroslav Wengner(6674)
Test Automation Engineering Handbook by Manikandan Sambamurthy(6624)
Secrets of the JavaScript Ninja by John Resig Bear Bibeault(6398)
Angular Projects - Third Edition by Aristeidis Bampakos(6029)
The Art of Crafting User Stories by The Art of Crafting User Stories(5558)
NetSuite for Consultants - Second Edition by Peter Ries(5490)
Demystifying Cryptography with OpenSSL 3.0 by Alexei Khlebnikov(5295)
Kotlin in Action by Dmitry Jemerov(5048)
