each app (provider and consumer) has its own session cookies. An
authentication gets passed between the two at login, similarly to oauth.
On Sunday, 20 September 2015 18:54:44 UTC-5, Luis Valladares wrote:
>
> After some discussion with my team we come with this architecture:
>
> We will have a s
After some discussion with my team we come with this architecture:
We will have a service to manage authentication and authorization, all our
services will query him in order to get permission and credential, for
authentication we will use CAS and for authorization RBAC over sended over
JSON.
Thanks for your answer!
I've been reading about JWT too, and i consider it for application
authorization, the thing is i dont feel comfortable sending the parameters
through JSON, i prefer to send it via POST parameters and so, but after
reading the link you posted sounds like a good solution f
On Monday, September 14, 2015 at 3:35:20 PM UTC-7, Luis Valladares wrote:
>
> Since i do the post i found some interesting articles, and now i have a
> better implementation idea, but i'm still looking for the solution on a
> subject. Here is what i have now:
>
> I will handle the authenticatio
Since i do the post i found some interesting articles, and now i have a
better implementation idea, but i'm still looking for the solution on a
subject. Here is what i have now:
I will handle the authentication of my applications using the amazon
approach
(http://www.thebuzzmedia.com/designing
5 matches
Mail list logo
