Indy.Code() Sessions tagged security

Securing a WebAPI with JWT Role-Based Authentication

Setting up a database table to store user information and having a webAPI method to log in is just the beginning. Once logged in, returning a token for subsequent calls can make staying signed in convenient. Save the initial token passed back by the API and then add it to the header of future calls. In this token you can store roles and policies to further secure the application. This course will review role-based authentication and even show how to use an Enum to set the roles allowed to call certain methods.

Speaker

Victor Pudelski

V.P. of Solutions, Technology Solutions Consultants, LLC

Building a secure user authorization story

Every application has a login button. In this session, we'll cover some techniques for handling user authentication in a secure manner, along with covering proper user flow, including user registration, logging in, and password resets. At the end of this session, you'll be armed with the knowledge to feel confident in the security of your authentication story.

Speaker

Johnie Karr

Sr. Software Engineer, ScholarRx

Hack Proof: Software Design for a Hostile Internet

Software today is subjected to numerous attack vectors. The Internet is a hostile world, and our apps need to expect to encounter digital terrorists who want to use our applications to get inside our organization. In this session you’ll learn about some of the most common attack vectors for applications and what you can do about them. We’ll discuss techniques for protecting against attacks through user input, including injection and cross-site scripting.

• Dispel myths about hacking and application vulnerability
• Identify common threat vectors for applications
• Discover strategies for addressing common threat vectors

Speaker

Rob Bogue

President, Thor Projects LLC