Universal Authentication/Authorization module concept

for long time I have been struggling with authentication and authorization in my applications. With OAuth and RESTful application it starts to be really difficult.

So I started looking for some common solution I can reuse through my applications easily(NOTE maybe it already exists).

There are several types of possible user verification I'd like to support.

  • username/ password
  • cert with usb stick
  • another authorization provider(Google, Twitter etc)
  • Today we are entering world full of microservices, single page applications and RESTful APIs. I can see only possible solution and it is security token passing.

    In principle you will authenticate to this module and then you will be able to use my apps according to some auth. rules. The main benefit will be that for OAuth I will not need to register every webapp by the provider. I will just register my "provider" in twitter, google etc. and you will be able to authenticate to any of my applications(via REST, web etc with google, twitter etc.)

    Am I reinventing wheel? Something like Kerberos for issuing security token or SSO with multiple login possibilities. Can anybody please share comment on this?


    I recommend that you look at UAA (https://github.com/cloudfoundry/uaa) which is open source and solves these use cases

    Thanks, Sree

    链接地址: http://www.djcxy.com/p/3786.html

    上一篇: 如何在身份验证微服务中进行授权?

    下一篇: 通用认证/授权模块概念