Buch, Englisch, 384 Seiten, Format (B × H): 178 mm x 254 mm, Gewicht: 771 g
Demystifying OAuth 2, OpenID Connect, and SAML 2
Buch, Englisch, 384 Seiten, Format (B × H): 178 mm x 254 mm, Gewicht: 771 g
ISBN: 978-1-4842-8260-1
Verlag: Apress
Know how to design and use identity management to protect your application and the data it manages.
At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided.
Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more.
This revised and expanded edition includes additional content providing an overview of the new version of OAuth (2.1)—what led to it, and primary changes in this version (including features removed from 2.1 that were in 2.0 and why they were removed)—as well as coverage of newer specification documents (RFC 8639—Device flow, useful for IoT devices, RFC 8705—mutual Transport Layer Security, RFC 8707—the protocol “resource” parameter, it’s purpose and use, and more).
What You’ll Learn
- Understand key identity management concepts
- Incorporate essential design principles
- Design authentication and access control for a modern application
- Know the identity management frameworks and protocols used today (OIDC/OAuth 2.0/2.1, SAML 2.0)
- Review historical failures and know how to avoid them
Who This Book Is For
Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Autoren/Hrsg.
Weitere Infos & Material
Chapter 1: The Hydra of Modern Identity.- Chapter 2: The Life of an Identity.- Chapter 3: Evolution of Identity.- Chapter 4: Identity Provisioning.- Chapter 5: OAuth 2.0 and API Authorization.- Chapter 6: OIDC OpenID Connect.- Chapter 7: SAML 2.- Chapter 8: Authorization and Policy Enforcement.- Chapter 9: Sessions.- Chapter 10: Using Modern Identity to Build Applications.- Chapter 11: Single Sign-on.- Chapter 12: Strong Authentication.- Chapter 13: Logout.- Chapter 14: Account Management.- Chapter 15: Deprovisioning.- Chapter 16: Troubleshooting.- Chapter 17: Exceptions.- Chapter 18: Less Common Requirements.- Chapter 19: Failures.- Chapter 20: Compliance.- Chapter 21: Looking into the Crystal Ball.- Chapter 22: Conclusion.- Appendix A: Glossary.- Appendix B: Resources for Further Learning.- Appendix C: SAML Authentication Request and Response.- Appendix D: Public Key Cryptography.- Appendix E: Troubleshooting Tools.- Appendix F: Privacy Legislation.- Appendix G: Security ComplianceFrameworks.
