11 Hands-on: A separation of responsibilities


This chapter covers

  • Implementing and using tokens

  • Working with JSON Web Tokens

  • Separating authentication and authorization responsibilities in multiple apps

  • Implementing a multi-factor authentication scenario

  • Using multiple custom filters and multiple AuthenticationProvider objects

  • Choosing from various possible implementations for a scenario

We’ve come a long way, and you’ve now reached the second hands-on chapter of the book. It’s time again to put everything you’ve learned into action in an exercise that shows you the big picture. Fasten your seat belts, open your IDEs, and get ready for an adventure!

In this chapter, we’ll design a system of three actors: the client, the authentication server, and the business logic server. Of these three actors, we’ll implement the backend part of the authentication server and the business logic server. As you’ll observe, our examples are more complex, which is a sign that we are getting closer and closer to real-world scenarios.

11.1 The scenario and requirements of the example

11.2 Implementing and using tokens

11.2.1 What is a token?

11.2.2 What is a JSON Web Token?

11.3 Implementing the authentication server

11.4 Implementing the business logic server

11.4.1 Implementing the Authentication objects

11.4.2 Implementing the proxy to the authentication server

11.4.3 Implementing the AuthenticationProvider interface

11.4.4 Implementing the filters

11.4.5 Writing the security configurations

11.4.6 Testing the whole system

Summary
