book

RESTful Java Web Services - Third Edition

by Balachandar Bogunuva Mohanram

November 2017

Intermediate to advanced

420 pages

10h 29m

English

Packt Publishing

Read now

Unlock full access

Content preview from RESTful Java Web Services - Third Edition

Key considerations for securing RESTful services

In the previous sections, we covered in detail the various techniques for securing the RESTful services. Some of the best practices, apart from authentication and authorization, that are worth considering for securing RESTful services are listed as follows:

A whitelist is a list of allowable actions on an entity; it is the reverse of blacklisting. It is important for a RESTful service to mention only the allowable action verbs such as GET/POST, so the other actions, even if triggered by the client, are denied.
Validation of the URL is a must for RESTful services, as attackers tamper with the URL to perform injection attacks. Avoid encoding sensitive information in the URL.
Ensure that the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

RESTful Java Web Services, Second Edition

Jobinesh Purushothaman

Java Web Services

David A Chappell, Tyler Jewell

Building RESTful Web Services with Java EE 8

Mario-Leander Reimer

Practical JSF in Java EE 8: Web Applications in Java for the Enterprise

Michael Müller

Publisher Resources

ISBN: 9781788294041Supplemental Content