asp.net - Is it possible to use OAuth2 to secure "non-rest" applications -


we have application written in asp.net mvc consists of web (non rest, using razor) , api projects (and other projects, besides point now).

authentication in web done using basic forms authentication , authentication in api done using oauth2.

having 2 ways of authentication in same application has proven difficult maintain, decided discard forms authentication , use oauth2 both web , api projects.

in web project, have store oauth2 tokens in cookies instead of sending them headers. possible use oauth2 secure "non-rest" applications ? if so, there security concerns in doing so?

there excellent articles on topics interested. these articles explain details looking for.

  1. tokens , cookies.
  2. the ultimate guide mobile api security
  3. the common oauth2 vulnerability
  4. using oauth 2.0 soap api
  5. using oauth2 soap
  6. asp.net webforms oauth2 multi-tenant resource , wpf client

these sites starting point. oauth 2.0 criticized lot security vulnerabilities pointing out common in other authentication model. if vulnerabilities addressed in application security issues mitigate itself.

  1. oauth 2.0 threat model , security considerations
  2. common oauth2 vulnerabilities , mitigation techniques
  3. saferweb: oauth2.a or let's fix it

but must noted oauth2 not next generation of oauth1. can find excellent article here.


-

Comments

Post a Comment

Popular posts from this blog

serialization - Convert Any type in scala to Array[Byte] and back -

i have following question: i have variable value in program declared value. i want convert value byte array.. how can serialize byte array , back? found examples related other types such double or int, not any. this should need. it's pretty similar how 1 in java. import java.io.{bytearrayinputstream, bytearrayoutputstream, objectinputstream, objectoutputstream} object serialization extends app { def serialise(value: any): array[byte] = { val stream: bytearrayoutputstream = new bytearrayoutputstream() val oos = new objectoutputstream(stream) oos.writeobject(value) oos.close stream.tobytearray } def deserialise(bytes: array[byte]): = { val ois = new objectinputstream(new bytearrayinputstream(bytes)) val value = ois.readobject ois.close value } println(deserialise(serialise("my test"))) println(deserialise(serialise(list(1)))) println(deserialise(serialise(map(1 -> 2)))) println(deserialise(seri
Read more

matplotlib support failed in PyCharm on OSX -

any idea how fix ? how can debug might problem ? not seem : https://youtrack.jetbrains.com/issue/py-15520 i in console: python 2.6.9 (unknown, jul 14 2015, 19:46:31) [gcc 4.2.1 compatible apple llvm 6.0 (clang-600.0.39)] on darwin >>> import matplotlib.pyplot plt matplotlib support failed the backend : >>> import matplotlib >>> print(matplotlib.rcparams['backend']) macosx
Read more

python - Matplotlib: TypeError: 'AxesSubplot' object is not callable -

i new programming please pardon me if rookie mistake. i writing python script have defined functions create subplots of distributions. i have slider widget end user change value of variables(mu , sigma) , see effect on distribution. here's code import numpy np print np.__version__ import scipy print scipy.__version__ scipy.stats import norm, lognorm, uniform import matplotlib print matplotlib.__version__ import matplotlib.pyplot plt matplotlib.widgets import slider, button, radiobuttons, checkbuttons #####calculating mean , standard deviation##### global mu_a1 mu_a1 = 1 global mu_b1 mu_b1 = 10 global mu_c1 mu_c1 = -13 global sigma_a1 sigma_a1 = 0.14 global sigma_b1 sigma_b1 = 1.16 global sigma_c1 sigma_c1 = 2.87 mu_x01 = -11 sigma_x01 = 1.9 #####_____##### #####generating random data##### a1 = 0.75*mu_a1 + (1.25 - 0.75)*sigma_a1*np.random.sample(10000) b1 = 8*mu_b1 + (12 - 8)*sigma_b1*np.random.sample(10000) c1 = -12*mu_c1 + 2*sigma_c1*np.random.sample(10000)
Read more