Cache
The first step towards making your API available for clients is caching.
A cache is usually a service that runs in memory to hold recently needed results. Putting your data into a cache helps avoid repeated database calls and costly recalculations on the same data.
Caching tools:
- Memcached: http://www.memcached.org/
- TimesTen for Oracle: http://www.oracle.com/us/products/database/timesten/overview/index.html
- Hazelcast for Java: http://hazelcast.org/
- Varnish for caching compiled pages: https://www.varnish-cache.org/
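The cache-aside pattern the paragraph above describes, as an added example that is not from the original page or from any of the tools listed: results are looked up in an in-memory store first and only computed (here, a constructed stand-in for a database query) on a miss, with a per-entry time to live so stale data eventually expires. The `TtlCache` class, the `fetch_user_profile` function and the injected clock are assumptions made for this example.

```python
import time
from typing import Any, Callable, Dict, Tuple


class TtlCache:
    """Minimal in-memory cache with per-entry expiry (cache-aside pattern)."""

    def __init__(self, ttl_seconds: float, clock: Callable[[], float] = time.monotonic):
        self.ttl = ttl_seconds
        self.clock = clock  # injectable so expiry can be exercised without sleeping
        self._store: Dict[Any, Tuple[float, Any]] = {}  # key -> (expires_at, value)
        self.hits = 0
        self.misses = 0

    def get_or_compute(self, key: Any, compute: Callable[[], Any]) -> Any:
        now = self.clock()
        entry = self._store.get(key)
        if entry is not None and entry[0] > now:
            self.hits += 1
            return entry[1]
        # Miss or expired entry: do the expensive work once and remember it.
        self.misses += 1
        value = compute()
        self._store[key] = (now + self.ttl, value)
        return value

    def invalidate(self, key: Any) -> None:
        """Drop an entry when the underlying data changes."""
        self._store.pop(key, None)


# Constructed stand-in for an expensive database query; counts how often it runs.
DB_CALLS = {"count": 0}


def fetch_user_profile(user_id: int) -> dict:
    DB_CALLS["count"] += 1
    return {"id": user_id, "name": f"user{user_id}"}


def cache_demo() -> dict:
    t = [0.0]  # fake clock, advanced by hand
    cache = TtlCache(ttl_seconds=60, clock=lambda: t[0])
    DB_CALLS["count"] = 0
    # The key includes the identity of the data; a cache keyed only on the URL
    # would risk serving one user's private response to another.
    for _ in range(3):
        cache.get_or_compute(("profile", 42), lambda: fetch_user_profile(42))
    after_three = DB_CALLS["count"]  # one real query, two cache hits
    t[0] = 61.0  # past the TTL
    cache.get_or_compute(("profile", 42), lambda: fetch_user_profile(42))
    after_expiry = DB_CALLS["count"]  # entry expired, recomputed once more
    return {
        "db_calls_after_three": after_three,
        "db_calls_after_expiry": after_expiry,
        "hits": cache.hits,
        "misses": cache.misses,
    }


if __name__ == "__main__":
    print(cache_demo())
```

The cache key should contain everything that determines the response, including which user is asking, so that a cached result is never handed to a client that was not authorised to see it.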
Rate limiting
Each user is allowed a certain number of requests to your API in a given time period. This helps prevent users from flooding you with requests, and helps prevent DDoS attacks.
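One way to implement the per-user limit described above, as an added example that is not code from the original page: a token bucket per client, which allows a short burst up to `capacity` requests and then refills at `rate` requests per second. The class and function names and the injected clock are assumptions made for this example.

```python
import time
from dataclasses import dataclass
from typing import Callable, Dict


@dataclass
class Bucket:
    tokens: float
    last_refill: float


class TokenBucketLimiter:
    """Per-client token bucket: burst of `capacity`, refilled at `rate` tokens/second."""

    def __init__(self, capacity: int, rate: float, clock: Callable[[], float] = time.monotonic):
        self.capacity = capacity
        self.rate = rate
        self.clock = clock  # injectable so the limiter can be tested without sleeping
        self._buckets: Dict[str, Bucket] = {}

    def allow(self, client_id: str) -> bool:
        """Return True if the request may proceed, False if the client is over its limit."""
        now = self.clock()
        b = self._buckets.get(client_id)
        if b is None:
            b = Bucket(tokens=float(self.capacity), last_refill=now)
            self._buckets[client_id] = b
        # Refill in proportion to the time elapsed, never beyond capacity.
        b.tokens = min(float(self.capacity), b.tokens + (now - b.last_refill) * self.rate)
        b.last_refill = now
        if b.tokens >= 1.0:
            b.tokens -= 1.0
            return True
        return False


def limiter_demo() -> dict:
    t = [0.0]  # fake clock, advanced by hand
    limiter = TokenBucketLimiter(capacity=5, rate=1.0, clock=lambda: t[0])
    # Seven requests at once: the first five pass, the last two are rejected.
    burst = [limiter.allow("client-a") for _ in range(7)]
    # Limits are per client, so another client is unaffected.
    other = limiter.allow("client-b")
    # Two seconds later, two tokens have been refilled for client-a.
    t[0] = 2.0
    after_wait = [limiter.allow("client-a") for _ in range(3)]
    return {"burst": burst, "other": other, "after_wait": after_wait}


if __name__ == "__main__":
    print(limiter_demo())
```

A rejected request is normally answered with HTTP 429 and a Retry-After header. The client identity the bucket is keyed on should be the authenticated API token rather than only the source IP, since many legitimate users can sit behind one address.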
Authentication
There are a few ways of handling the authentication of requests to your API. The most common is API tokens: you give your user a token and a secret pair – similar to the concept of a username and password – and because HTTP is stateless they include those in every request to your server, so you authenticate each request individually.
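The token-and-secret scheme described above, as an added example that is not code from the original page. It goes one step beyond sending the pair in clear: the client sends its token plus an HMAC over the request computed with its secret, so the secret itself never crosses the wire, and the server recomputes the MAC and compares it in constant time. The header names, the `CREDENTIALS` store, the canonical string layout and the clock-skew window are assumptions made for this example.

```python
import hashlib
import hmac
from typing import Dict, Mapping

# Constructed credential store: API token -> shared secret issued to that client.
CREDENTIALS: Dict[str, bytes] = {
    "tok_client_a": b"secret-a-0123456789",
}
MAX_SKEW_SECONDS = 300  # reject requests whose timestamp is too old or too far ahead


def canonical_string(method: str, path: str, timestamp: str, body: bytes) -> bytes:
    """What gets signed: method, path, timestamp and a hash of the body."""
    body_hash = hashlib.sha256(body).hexdigest()
    return f"{method}\n{path}\n{timestamp}\n{body_hash}".encode()


def sign_request(token: str, secret: bytes, method: str, path: str,
                 body: bytes, timestamp: int) -> Dict[str, str]:
    """Client side: build the authentication headers sent with every request."""
    ts = str(timestamp)
    mac = hmac.new(secret, canonical_string(method, path, ts, body), hashlib.sha256).hexdigest()
    return {"X-Api-Token": token, "X-Timestamp": ts, "X-Signature": mac}


def verify_request(headers: Mapping[str, str], method: str, path: str,
                   body: bytes, now: int) -> bool:
    """Server side: look up the secret, recompute the MAC, compare in constant time."""
    secret = CREDENTIALS.get(headers.get("X-Api-Token", ""))
    if secret is None:
        return False
    try:
        ts = int(headers.get("X-Timestamp", ""))
    except ValueError:
        return False
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False  # stale request (limits how long a captured signature stays usable)
    expected = hmac.new(secret, canonical_string(method, path, str(ts), body),
                        hashlib.sha256).hexdigest()
    # compare_digest avoids leaking where the two strings first differ via timing.
    return hmac.compare_digest(expected, headers.get("X-Signature", ""))


def auth_demo() -> dict:
    now = 1_700_000_000  # constructed Unix timestamp
    body = b'{"action":"list"}'
    good = sign_request("tok_client_a", CREDENTIALS["tok_client_a"], "GET", "/v1/items", body, now)
    return {
        "valid": verify_request(good, "GET", "/v1/items", body, now),
        # Same headers, different body: the MAC no longer matches.
        "tampered_body": verify_request(good, "GET", "/v1/items", b'{"action":"delete"}', now),
        "unknown_token": verify_request({**good, "X-Api-Token": "tok_nobody"}, "GET", "/v1/items", body, now),
        # An hour later the timestamp falls outside the allowed skew.
        "stale": verify_request(good, "GET", "/v1/items", body, now + 3600),
    }


if __name__ == "__main__":
    print(auth_demo())
```

Whichever variant you choose, the secret must be generated with a cryptographic random source, delivered to the user over TLS, and revocable, and every failed verification should be logged with the token that was presented so abuse of a leaked pair shows up in your monitoring.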