Inherently, the HTTP protocol is text based and does not prevent data interception or tampering. Secure HTTP (HTTPS) is based on transport level security (TLS) and uses encryption to protect the transmitted data.
- View Offline
- [Instructor] In the previous video…we looked at authorization process…and how it compliments authentication…however, we finished up at the important point…that HTTP basic authentication credentials…could be intercepted and whole system…could be easily compromised.…In this video, we're going to take a look…at secure version of HTTP protocol.…Namely, HTTPS, how it works and how to configure…spray-can HTTP server to support it.…
At the end of this video we're going to have…our book application web services…accessible over HTTPS protocol only.…The primary goal of the TLS protocol…is to provide privacy and data integrity…between two communicating parties…like, for example, web server and web client.…At the moment there are several versions of…the TLS protocol in the wild.…The latest one TLS Version 1.2 is the most secure one…and it's a preferred option for today's communications.…
The next version, 1.3 of TLS…is in working draft stage right now.…Public key cryptography and digital certificates…play the key role in TLS.…
Embark on an exciting journey into the universe of web development using the Scala programming language and frameworks—natural choices for back-end developers building highly scalable, reliable, and reactive RESTful web services and APIs. This training is the starting point for mastering the nonblocking and asynchronous programming models that lie in the heart of the Spray framework. It starts with an introduction to the REST architecture. Then switch gears to the Akka toolkit and framework, building a sample book catalog application along the way.
Once you've learned about the REST architectural style and Actor model—the foundations that the Spray framework is built upon—you'll shape out your own RESTful web services by providing simple route definitions. Further on in the course, author Andriy Redko delves into authentication and authorization, secure transport, documentation, testing, and caching support. Finally, you will learn how to develop the Spray client API to call external web services.
- The Actor model and Akka framework
- RESTful architecture principles and constraints
- Building RESTful services
- Core Spray framework modules such as spray-can, spray-routing, spray-json, spray-caching, and spray-client
- Securing RESTful web services and APIs with Spray
- Configuring Spray applications with HTTPS support
- Documenting Spray RESTful web services using Swagger
- Caching basics
- Calling external RESTful services