O'Reilly logo

Mastering Internet of Things by Peter Waher

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Protecting our web services

The login page described earlier only protects our Markdown content, not our dynamic web services. If you know the resource names of the web services, you can still extract all sensor data and control the actuator output, unauthenticated. To avoid this, we need to add an authentication layer on top of our web services. We can do this by using JWT (Java Web Tokens). These tokens are simple strings that are cryptographically signed by a server, and that can be easily transported in any type of machine-to-machine communication where you want to avoid sessions and login forms. The server can then validate the token by checking the signature. By adding the Waher.Security.JWT.UWP NuGet package to our SensorHttp and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required