11 Hands-on: A separation of responsibilities
This chapter covers
- Implementing and using tokens.
- Working with JSON Web Tokens (JWTs).
- Separating authentication and authorization responsibilities in multiple apps.
- Implementing a multi-factor authentication (MFA) scenario.
- Using multiple custom filters and multiple AuthenticationProvider objects.
- Choosing from various possible implementations for a scenario.
We’ve come a long way, and you’re now at the second hands-on chapter of the book. It’s time again to put into action all you’ve learned, in an exercise that shows you the big picture. Fasten your seat belts, open your IDEs, and get ready for a juicy activity! We’ll design a system of three actors: the client, the authentication server, and the business logic server. Of these three actors, we’ll implement the backend part, represented by the authentication server and the business logic server. As you’ve observed while advancing through the book, our examples become more complex. This is a sign that we’re getting closer and closer to real-world scenarios.