SlideShare una empresa de Scribd logo

Wilma - Lesson 3. Securing a REST API

Descargar como PPTX, PDF
Álvaro Alonso González
Álvaro Alonso González

PEP Proxy Wilma GE. Lesson 3. Securing a REST API Álvaro Alonso UPM-DIT. Security Chapter Video at https://edu.fiware.org/course/view.php?id=131 FIWARE Academy https://edu.fiware.org http://fiware.org

Ingeniería
1 de 9
PEP Proxy - Wilma GE Lesson 3 - Securing a REST API Álvaro Alonso. UPM – DIT Security Chapter. FIWARE aalonsog@dit.upm.es, @larsonalonso
Contents • Checking Authentication • Checking Basic Authorization • Checking Advanced Authorization
Main concepts • Authentication – Check if a user is a registered user • Basic Authorization – Check if a user has permissions to access a resource – HTTP verb + resource path • Advanced Authorization – Check if a user has permissions to access a resource – Custom XACML policies
Main concepts - Authentication Backend Service REST API HTTP request + TOKEN Wilma User Keyrock GE TOKEN OK + user info
Main concepts – Basic Authorization Backend Service REST API HTTP request + TOKEN Wilma User Keyrock GE AutZForce GE
Main concepts – Advanced Authorization Backend Service REST API HTTP request + TOKEN Wilma * User Keyrock GE AutZForce GE
Guidelines • Requests to Wilma $ curl --header "X-Auth-Token:z2zXk...ANOXvZrmvxvSg" http://proxy_host
Documentation • XACML 3.0 – http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec- os-en.html • AuthZForce GE – http://catalogue.fiware.org/enablers/authorization-pdp- authzforce/documentation
PEP Proxy - Wilma GE Lesson 3 - Securing a REST API Álvaro Alonso. UPM – DIT Security Chapter. FIWARE aalonsog@dit.upm.es, @larsonalonso

Recomendados

Adding Identity Management and Access Control to your Application, Account Ma...
Adding Identity Management and Access Control to your Application, Account Ma...Adding Identity Management and Access Control to your Application, Account Ma...
Adding Identity Management and Access Control to your Application, Account Ma...Fernando Lopez Aguilar
 
Orion Context Broker Webminar
Orion Context Broker WebminarOrion Context Broker Webminar
Orion Context Broker WebminarFIWARE
 
FIWARE Overview
FIWARE OverviewFIWARE Overview
FIWARE OverviewFIWARE
 
FIWARE From Open Data to Open APIs
FIWARE From Open Data to Open APIsFIWARE From Open Data to Open APIs
FIWARE From Open Data to Open APIsSergio Garcia Gomez
 
Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management WSO2
 
Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Open API and API Management - Introduction and Comparison of Products: TIBCO ...Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Open API and API Management - Introduction and Comparison of Products: TIBCO ...Kai Wähner
 
Adding identity management and access control to your app
Adding identity management and access control to your appAdding identity management and access control to your app
Adding identity management and access control to your appÁlvaro Alonso González
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREÁlvaro Alonso González
 

Recomendados

Adding Identity Management and Access Control to your Application, Account Ma...
Adding Identity Management and Access Control to your Application, Account Ma...Adding Identity Management and Access Control to your Application, Account Ma...
Adding Identity Management and Access Control to your Application, Account Ma...Fernando Lopez Aguilar
 
Orion Context Broker Webminar
Orion Context Broker WebminarOrion Context Broker Webminar
Orion Context Broker WebminarFIWARE
 
FIWARE Overview
FIWARE OverviewFIWARE Overview
FIWARE OverviewFIWARE
 
FIWARE From Open Data to Open APIs
FIWARE From Open Data to Open APIsFIWARE From Open Data to Open APIs
FIWARE From Open Data to Open APIsSergio Garcia Gomez
 
Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management WSO2
 
Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Open API and API Management - Introduction and Comparison of Products: TIBCO ...Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Open API and API Management - Introduction and Comparison of Products: TIBCO ...Kai Wähner
 
Adding identity management and access control to your app
Adding identity management and access control to your appAdding identity management and access control to your app
Adding identity management and access control to your appÁlvaro Alonso González
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREÁlvaro Alonso González
 
Curso AngularJS - 7. temas avanzados
Curso AngularJS - 7. temas avanzadosCurso AngularJS - 7. temas avanzados
Curso AngularJS - 7. temas avanzadosÁlvaro Alonso González
 
Curso AngularJS - 6. formularios
Curso AngularJS - 6. formulariosCurso AngularJS - 6. formularios
Curso AngularJS - 6. formulariosÁlvaro Alonso González
 
Curso AngularJS - 5. rutas
Curso AngularJS - 5. rutasCurso AngularJS - 5. rutas
Curso AngularJS - 5. rutasÁlvaro Alonso González
 
Curso AngularJS - 4. filtros y servicios
Curso AngularJS - 4. filtros y serviciosCurso AngularJS - 4. filtros y servicios
Curso AngularJS - 4. filtros y serviciosÁlvaro Alonso González
 
Curso AngularJS - 3. módulos y controladores
Curso AngularJS - 3. módulos y controladoresCurso AngularJS - 3. módulos y controladores
Curso AngularJS - 3. módulos y controladoresÁlvaro Alonso González
 
Curso AngularJS - 1. introducción
Curso AngularJS - 1. introducciónCurso AngularJS - 1. introducción
Curso AngularJS - 1. introducciónÁlvaro Alonso González
 
Curso AngularJS - 2. conceptos básicos
Curso AngularJS - 2. conceptos básicosCurso AngularJS - 2. conceptos básicos
Curso AngularJS - 2. conceptos básicosÁlvaro Alonso González
 
Lesson 6 - How to register your sensors in account portal
Lesson 6 - How to register your sensors in account portalLesson 6 - How to register your sensors in account portal
Lesson 6 - How to register your sensors in account portalÁlvaro Alonso González
 
Lesson 5 - Installing Keyrock in your own infrastructure
Lesson 5 - Installing Keyrock in your own infrastructure Lesson 5 - Installing Keyrock in your own infrastructure
Lesson 5 - Installing Keyrock in your own infrastructure Álvaro Alonso González
 
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.Álvaro Alonso González
 
Keyrock - Lesson 1. Introduction
Keyrock - Lesson 1. IntroductionKeyrock - Lesson 1. Introduction
Keyrock - Lesson 1. IntroductionÁlvaro Alonso González
 
Cloud Portal - Lesson 5. Advanced tasks
Cloud Portal - Lesson 5. Advanced tasksCloud Portal - Lesson 5. Advanced tasks
Cloud Portal - Lesson 5. Advanced tasksÁlvaro Alonso González
 
Cloud Portal - Lesson 4. Managing Storage
Cloud Portal - Lesson 4. Managing StorageCloud Portal - Lesson 4. Managing Storage
Cloud Portal - Lesson 4. Managing StorageÁlvaro Alonso González
 
Cloud Portal - Lesson 2. Cloud Portal Overview
Cloud Portal - Lesson 2. Cloud Portal OverviewCloud Portal - Lesson 2. Cloud Portal Overview
Cloud Portal - Lesson 2. Cloud Portal OverviewÁlvaro Alonso González
 
Cloud Portal - Lesson 1. Introduction
Cloud Portal - Lesson 1. IntroductionCloud Portal - Lesson 1. Introduction
Cloud Portal - Lesson 1. IntroductionÁlvaro Alonso González
 
Cloud Portal - Lesson 3. Launching an Instance
Cloud Portal - Lesson 3. Launching an InstanceCloud Portal - Lesson 3. Launching an Instance
Cloud Portal - Lesson 3. Launching an InstanceÁlvaro Alonso González
 
Primeros pasos con Docker
Primeros pasos con DockerPrimeros pasos con Docker
Primeros pasos con DockerÁlvaro Alonso González
 
Introducción al Protocolo OAuth 2.0
Introducción al Protocolo OAuth 2.0Introducción al Protocolo OAuth 2.0
Introducción al Protocolo OAuth 2.0Álvaro Alonso González
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationÁlvaro Alonso González
 
Adding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesAdding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesÁlvaro Alonso González
 
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxOrlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxMuhammadAsimMuhammad6
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 

Más contenido relacionado

Más de Álvaro Alonso González

Curso AngularJS - 3. módulos y controladores
Curso AngularJS - 3. módulos y controladoresCurso AngularJS - 3. módulos y controladores
Curso AngularJS - 3. módulos y controladoresÁlvaro Alonso González
 
Lesson 6 - How to register your sensors in account portal
Lesson 6 - How to register your sensors in account portalLesson 6 - How to register your sensors in account portal
Lesson 6 - How to register your sensors in account portalÁlvaro Alonso González
 
Lesson 5 - Installing Keyrock in your own infrastructure
Lesson 5 - Installing Keyrock in your own infrastructure Lesson 5 - Installing Keyrock in your own infrastructure
Lesson 5 - Installing Keyrock in your own infrastructure Álvaro Alonso González
 
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.Álvaro Alonso González
 
Cloud Portal - Lesson 2. Cloud Portal Overview
Cloud Portal - Lesson 2. Cloud Portal OverviewCloud Portal - Lesson 2. Cloud Portal Overview
Cloud Portal - Lesson 2. Cloud Portal OverviewÁlvaro Alonso González
 
Cloud Portal - Lesson 3. Launching an Instance
Cloud Portal - Lesson 3. Launching an InstanceCloud Portal - Lesson 3. Launching an Instance
Cloud Portal - Lesson 3. Launching an InstanceÁlvaro Alonso González
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationÁlvaro Alonso González
 
Adding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesAdding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesÁlvaro Alonso González
 

Más de Álvaro Alonso González (20)

Curso AngularJS - 7. temas avanzados
Curso AngularJS - 7. temas avanzadosCurso AngularJS - 7. temas avanzados
Curso AngularJS - 7. temas avanzados
 
Curso AngularJS - 6. formularios
Curso AngularJS - 6. formulariosCurso AngularJS - 6. formularios
Curso AngularJS - 6. formularios
 
Curso AngularJS - 5. rutas
Curso AngularJS - 5. rutasCurso AngularJS - 5. rutas
Curso AngularJS - 5. rutas
 
Curso AngularJS - 4. filtros y servicios
Curso AngularJS - 4. filtros y serviciosCurso AngularJS - 4. filtros y servicios
Curso AngularJS - 4. filtros y servicios
 
Curso AngularJS - 3. módulos y controladores
Curso AngularJS - 3. módulos y controladoresCurso AngularJS - 3. módulos y controladores
Curso AngularJS - 3. módulos y controladores
 
Curso AngularJS - 1. introducción
Curso AngularJS - 1. introducciónCurso AngularJS - 1. introducción
Curso AngularJS - 1. introducción
 
Curso AngularJS - 2. conceptos básicos
Curso AngularJS - 2. conceptos básicosCurso AngularJS - 2. conceptos básicos
Curso AngularJS - 2. conceptos básicos
 
Lesson 6 - How to register your sensors in account portal
Lesson 6 - How to register your sensors in account portalLesson 6 - How to register your sensors in account portal
Lesson 6 - How to register your sensors in account portal
 
Lesson 5 - Installing Keyrock in your own infrastructure
Lesson 5 - Installing Keyrock in your own infrastructure Lesson 5 - Installing Keyrock in your own infrastructure
Lesson 5 - Installing Keyrock in your own infrastructure
 
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
Keyrock - Lesson 3. Applications. How to create OAuth2 tokens.
 
Keyrock - Lesson 1. Introduction
Keyrock - Lesson 1. IntroductionKeyrock - Lesson 1. Introduction
Keyrock - Lesson 1. Introduction
 
Cloud Portal - Lesson 5. Advanced tasks
Cloud Portal - Lesson 5. Advanced tasksCloud Portal - Lesson 5. Advanced tasks
Cloud Portal - Lesson 5. Advanced tasks
 
Cloud Portal - Lesson 4. Managing Storage
Cloud Portal - Lesson 4. Managing StorageCloud Portal - Lesson 4. Managing Storage
Cloud Portal - Lesson 4. Managing Storage
 
Cloud Portal - Lesson 2. Cloud Portal Overview
Cloud Portal - Lesson 2. Cloud Portal OverviewCloud Portal - Lesson 2. Cloud Portal Overview
Cloud Portal - Lesson 2. Cloud Portal Overview
 
Cloud Portal - Lesson 1. Introduction
Cloud Portal - Lesson 1. IntroductionCloud Portal - Lesson 1. Introduction
Cloud Portal - Lesson 1. Introduction
 
Cloud Portal - Lesson 3. Launching an Instance
Cloud Portal - Lesson 3. Launching an InstanceCloud Portal - Lesson 3. Launching an Instance
Cloud Portal - Lesson 3. Launching an Instance
 
Primeros pasos con Docker
Primeros pasos con DockerPrimeros pasos con Docker
Primeros pasos con Docker
 
Introducción al Protocolo OAuth 2.0
Introducción al Protocolo OAuth 2.0Introducción al Protocolo OAuth 2.0
Introducción al Protocolo OAuth 2.0
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your Application
 
Adding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesAdding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - Exersices
 

Último

Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxOrlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxMuhammadAsimMuhammad6
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdfKamal Acharya
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesRAJNEESHKUMAR341697
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapRishantSharmaFr
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdfKamal Acharya
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityMorshed Ahmed Rahath
 
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilMoment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilVinayVitekari
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesChandrakantDivate1
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueBhangaleSonal
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdfAldoGarca30
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...Amil baba
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptNANDHAKUMARA10
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxSCMS School of Architecture
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationBhangaleSonal
 

Último (20)

Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxOrlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planes
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdf
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilMoment Distribution Method For Btech Civil
Moment Distribution Method For Btech Civil
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network Devices
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equation
 

Wilma - Lesson 3. Securing a REST API

  • 1. PEP Proxy - Wilma GE Lesson 3 - Securing a REST API Álvaro Alonso. UPM – DIT Security Chapter. FIWARE aalonsog@dit.upm.es, @larsonalonso
  • 2. Contents • Checking Authentication • Checking Basic Authorization • Checking Advanced Authorization
  • 3. Main concepts • Authentication – Check if a user is a registered user • Basic Authorization – Check if a user has permissions to access a resource – HTTP verb + resource path • Advanced Authorization – Check if a user has permissions to access a resource – Custom XACML policies
  • 4. Main concepts - Authentication Backend Service REST API HTTP request + TOKEN Wilma User Keyrock GE TOKEN OK + user info
  • 5. Main concepts – Basic Authorization Backend Service REST API HTTP request + TOKEN Wilma User Keyrock GE AutZForce GE
  • 6. Main concepts – Advanced Authorization Backend Service REST API HTTP request + TOKEN Wilma * User Keyrock GE AutZForce GE
  • 7. Guidelines • Requests to Wilma $ curl --header "X-Auth-Token:z2zXk...ANOXvZrmvxvSg" http://proxy_host
  • 8. Documentation • XACML 3.0 – http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec- os-en.html • AuthZForce GE – http://catalogue.fiware.org/enablers/authorization-pdp- authzforce/documentation
  • 9. PEP Proxy - Wilma GE Lesson 3 - Securing a REST API Álvaro Alonso. UPM – DIT Security Chapter. FIWARE aalonsog@dit.upm.es, @larsonalonso