Contents tagged with REST
-
A good way to handle claim based security in RESTful services
Dominick just blogged what I think is one of the best ways to provide claim based security for RESTful services at the moment. The idea of using simple web tokens for RESTful services I’ve been in my head for a while, but I was not able to find enough the time to implement it. Fortunately, Dominick already did it for us, so it’s really great to have a sample with that.
-
Injecting Custom Logic in ADO.NET Data Services
ADO.NET Data services represent today one of the most powerful alternatives to build RESTful services in the .NET platform. This framework basically creates a RESTful API on top of any IQueryable data source. Most of the steps required to publish a set of resources through http and make them available for any client are automatically implemented.
-
What I like about OpenRasta
After having playing with the current bits of OpenRasta (OR) for a while, I am now able to see great advantages in using this framework over other existing frameworks for building RESTful services such as WCF or the ASP.NET MVC.
-
OpenRasta, an open source alternative for developing Restful services
OpenRasta (OR) is the name of a new open source framework for developing Restful applications (Web applications or services) created by Sebastien Lambla. As the ASP.NET MVC, this framework is also an implementation of the MVC pattern, which focus mainly on a good separation of concerns, and provide different extensibility points where the developer can plugging custom code at the moment of developing applications.
-
Developing RESTful services with JSON and POX support in the ASP.NET MVC
Many of the features available out of the box today in the ASP.NET MVC framework are only intended to develop web applications using REST principles. There is not support for accepting incoming messages encoded as JSON or plain old XML (POX), or even support for returning POX from a controller action. Only form-urlencoded data is accepted by default for incoming messages, and JSON/HTML (with support of the view engines) for outgoing messages in controller actions.
-
Mutual Certificate Authentication for WCF REST services
When Mutual Certificate Authentication is configured for REST services, both, the client and the service perform identity verification or authentication through X509 certificates.
-
Sharing the security context between ASP.NET and WCF REST Services
It is very common for WCF services that work as Ajax callbacks and ASP.NET pages that live in the same web application to share a common security context for the authenticated user. However, in order to make this happens, the ASP.NET compatibility mode must be enabled for the WCF service. When that setting is enabled, WCF basically includes the service call within the ASP.NET pipeline, all the ASP.NET modules configured for the application are executed, and as result, the HttpContext get initialized for that service as it was a normal page.
-
Support for Form-UrlEncoded data in WCF Rest services
Some people have been asking around in the MSDN forums or stackoverflow about a possible way to pass form-urlencoded data to an existing WCF REST service. Although this is not a core feature in WCF from my point view, there is still some support for addressing this scenario in the REST Starter kit.
-
Streaming large content from a WCF RESTFul service
Streaming large content such as media content, images or files is a common scenario for RESTful services. If a scenario like this is not well addressed or implemented on the service side, there is a high risk of consuming server resources like memory or CPU in a matter of seconds. This usually happens when the complete content is loaded in memory before it is transferred to the service consumer.
-
Custom Basic Authentication for RESTful services
It’s very common when developing RESTful services to authenticate users against a proprietary user database. This is generally done with a combination of username and password through http basic authentication. Unfortunately, basic authentication is tied to windows accounts in IIS, which leads us to find out some alternatives or workarounds to support this scenario. WCF 3.5 made possible to authenticate transport credentials with one of the existing UsernamePasswordValidator extensions, however, this approach does not work for IIS hosted services.