Recently I have been involved in various discussions on how to make the REST APIs as secure as SOAP. First of all, let me start with a very basic statement, about security, it doesn't depend on your Webservice type, be it REST or SOAP, your design decisions depicts whether they can be made secure or not. In this example blog, I will use " Micro CRUD services for Oracle Database Cloud " APIs and implement (read attach) Passport's "local" authentication strategy, to make them secure. Code in Github : LeasifyAPIs with Passport What is Passport JS? (from Documentation ) Passport is authentication middleware for Node . It is designed to serve a singular purpose: authenticate requests. When writing modules, encapsulation is a virtue, so Passport delegates all other functionality to the application. This separation of concerns keeps code clean and maintainable, and makes Passport extremely easy to integrate into an application. What are "strateg
About anything and everything from my daily consulting life. ADF, Java, Weblogic, Unix shell scripting, Mobile technology..etc. etc.. The views expressed on this blog are my own and do not necessarily reflect the views of my employer.