This article explains traditional session‑based authentication, introduces JWT and JJWT, and presents two microservice authentication patterns—service‑side verification and gateway‑side verification—detailing their workflows, code examples, advantages, drawbacks, and practical challenges.
This article explains the fundamentals of authentication and authorization, the role of credentials, the differences between cookies and sessions, various token types including access and refresh tokens, and the principles, usage, and security considerations of JSON Web Tokens (JWT).
CNStack 2.0 introduces a cloud‑native multi‑cluster service built on Open Cluster Management, offering unified registration, lifecycle management, resource distribution, multi‑tenant authentication, and high‑availability cross‑cluster communication for Kubernetes clusters across clouds.
This article explains what JSON Web Tokens are, their structure and security considerations, introduces the JJWT Java library, and provides a complete Spring Boot and Angular example—including Maven setup, Java filters, controllers, and front‑end code—to demonstrate secure token‑based authentication.
This article explains the complete user login process, including mobile verification, token generation, token expiration policies, request‑rate limiting with Redis, anonymous request handling, blacklist management, and provides full Java Spring code examples for implementing these backend authentication mechanisms.
This article explains a comprehensive backend user login flow, covering token generation, expiration policies, request validation, logout handling, anonymous access strategies, rate‑limiting with authorized tokens, path‑regex filtering, blacklist management, and includes a Spring‑Redis implementation example.
This article explains how to replace Shiro with Spring Security, integrate JWT for stateless authentication, configure the filter chain, set up the necessary Maven dependencies, write the security configuration, custom authentication and verification filters, and manage user details in a Spring Boot backend.
This comprehensive guide walks you through Spring Security fundamentals, setting up a Spring Boot project, configuring authentication with JWT and Redis, implementing RBAC permission management, customizing error handling, enabling CORS, and addressing CSRF, providing complete code examples and detailed explanations for secure backend development.
This article walks through the evolution of a user system—from a basic email/phone login to third‑party OAuth, multi‑type user accounts, diversified password schemes, and real‑person (entity) verification—showcasing a flexible, extensible backend design that can handle rapid business growth.
This article analyzes the limitations of traditional HTTP session mechanisms in single‑server and clustered environments, explains why session sharing is essential for multi‑system products, and presents practical solutions such as session replication and centralized Redis storage, followed by a detailed walkthrough of CAS‑based single sign‑on implementation with Java Spring code examples and a comparison to OAuth2.
This article explains how to quickly add a secure login page to a simple SpringBoot application using the Sa-Token-Quick-Login plugin, covering Maven dependencies, configuration parameters, controller implementation, and testing steps with code examples.
This article demonstrates how to build a Spring Cloud Gateway microservice that serves as a centralized authentication and authorization gateway, covering Maven dependencies, YAML configuration, whitelist handling, exception processing, RestTemplate setup, and a custom global filter with code examples.
This article provides a step‑by‑step guide for building a CAS server and client with Spring Boot, covering WAR deployment, configuration file adjustments, custom authentication redirect strategies, CORS setup, and troubleshooting ticket validation and cross‑origin issues.
This article explains the concepts and differences between Single Sign-On (SSO) and OAuth2.0, describing their token-based authentication flows, typical implementations such as CAS, the four OAuth2.0 grant types, and how they can be used to achieve seamless login across applications.
This tutorial walks through setting up Spring Security with JWT in a Spring Boot project, covering environment configuration, Maven dependencies, custom authentication handlers, permission evaluation, JWT filtering, and testing, providing complete code examples and explanations for building a robust backend authentication system.
This article provides an in‑depth overview of authentication, authorization, and permission control concepts and compares ten common front‑end authentication techniques—including HTTP Basic Auth, Session‑Cookie, Token, JWT, SSO, OAuth 2.0, QR‑code login and one‑click login—detailing their workflows, advantages, drawbacks, and typical usage scenarios.
This article explains the principles of Single Sign‑On (SSO) and OAuth2.0, compares their workflows, describes common implementation patterns such as CAS and token‑based authentication, and clarifies the distinctions between SSO, OAuth2.0, and related security frameworks.
This article explains the principles of Single Sign-On (SSO) and OAuth2.0, compares their concepts, outlines typical SSO workflows using CAS, details OAuth2.0 authorization code flow, clarifies terminology differences, and discusses related security frameworks such as Spring Security and Shiro.
This article outlines the challenges of API security, proposes a hybrid symmetric‑asymmetric encryption scheme with signed requests, describes client and server processing flows, defines service attributes, and provides implementation references for a robust RPC encryption solution.
This article explains the principles and workflow of Single Sign‑On using OAuth2.0, illustrates the process with a real‑life analogy, and provides a complete Spring Boot example—including authorization server, client configuration, and role‑based access control—suitable for microservice architectures.
This article compares JWT and session authentication, outlines their differences, advantages, security considerations, performance impacts, and provides a complete Java implementation with Redis integration, helping developers decide the best approach for their projects.
This article reviews four widely used authentication mechanisms—HTTP Basic authentication, session‑cookie based authentication, token (JWT) authentication, and OAuth 2.0—explaining their workflows, security characteristics, and providing Node.js/Express code examples for each.
This article explains RBAC concepts and model classifications, demonstrates basic Spring Security setup, shows how to configure in‑memory and database authentication, integrates JWT for stateless token‑based access, implements JSON‑based login, and covers password encryption with BCrypt in a Spring Boot backend.
Google announced that Android and Chrome will now support Passkey key‑login, a biometric‑based, public‑key authentication method that replaces traditional passwords, allowing users to create a secure credential on their device, sync it across platforms, and developers to integrate it via WebAuthn and related APIs.
This article explains the concept of Single Sign‑On (SSO), compares its major protocols—SAML, OAuth2, and OpenID Connect—covers their workflows, benefits, terminology, and provides guidance on when to choose each protocol for different application scenarios.
This article provides a detailed tutorial on Spring Security, covering its core concepts, project setup, authentication flow, custom user details service, password encoding, login handling, role-based access control, CSRF protection, and integration with Thymeleaf, complete with code examples.
Google announced that Android and Chrome will adopt Passkey, a biometric‑based, public‑key login system that replaces traditional passwords, offering cross‑platform support, phishing resistance, and cloud‑backed recovery, with developers able to integrate it via WebAuthn and Google Play Services.
This article compares JWT and session authentication, discusses their differences, security, performance, and lifecycle considerations, and provides a complete Java implementation—including dependency configuration, token utilities, Redis integration, login/logout flows, password updates, and request interception—guiding developers to select the most suitable approach for their projects.
This article introduces Harbor, a CNCF‑hosted cloud‑native Docker registry, explains its token‑based authentication flow, details the required Kubernetes and Helm prerequisites, provides step‑by‑step installation and configuration instructions, and demonstrates how to push and pull images using containerd and Kubernetes.
This guide explains the JWT format, standard and custom claims, signature algorithms, and presents practical single‑token and double‑token renewal schemes—including a WeChat OAuth example—along with a complete PHP implementation using the tinywan/jwt library.
KubeGateway, a custom seven‑layer gateway built by ByteDance, eliminates kube‑apiserver load‑imbalance and adds comprehensive request governance—including routing, rate‑limiting, and degradation—by parsing HTTP2 traffic, supporting flexible policies, and transparently proxying requests without client changes.
The article argues that traditional password complexity rules and periodic resets are outdated, advocating for longer passwords, the use of password managers and multi‑factor authentication, and limiting login attempts to improve security in modern, always‑connected systems.
This article explains the fundamentals of Single Sign‑On (SSO), compares the two most common protocols—SAML and OAuth2 (with OpenID Connect)—covers their terminology, workflows, benefits, and provides guidance on which to use in different scenarios.
This comprehensive tutorial explains RBAC concepts, model classifications, and permission handling, then walks through implementing Spring Security with in‑memory authentication, JWT integration, custom JSON login filters, password encryption, and database‑backed authentication, providing complete code examples and configuration details.
This article provides a comprehensive tutorial on role‑based access control (RBAC) concepts, model classifications, permission definitions, user‑group usage, and step‑by‑step implementations of Spring Security, JWT integration, JSON login, password encryption, and database authentication with extensive code examples.
This article explains single sign‑on concepts, compares SAML, OAuth2 and OpenID Connect, outlines their benefits and typical workflows, and provides guidance on choosing the right protocol for different security and user‑experience scenarios.
This comprehensive guide walks you through Spring Security fundamentals, authentication flow, project setup, custom user details, password encoding, login handling, 403 error pages, remember‑me functionality, method security annotations, and CSRF protection, providing clear code examples for each topic.
This article provides a step‑by‑step tutorial on building a unified authentication center with Spring Security OAuth2, covering project module planning, authorization and resource server configuration, client module setup, gateway integration, and custom security components, complete with Maven dependencies and Java code examples.
This article provides a step‑by‑step guide to building an online blog platform using Flask and MySQL, covering environment setup, database schema design, user registration and login, password encryption, CRUD operations for posts, Markdown editing, image upload, comment management, and error handling with full code examples.
This guide walks through Spring Security fundamentals, including its core authentication and authorization mechanisms, project setup with Maven, customizing usernames, implementing UserDetailsService, creating custom PasswordEncoders, configuring login handling, role and authority checks, CSRF protection, remember‑me functionality, and using security annotations.
This article explains the limitations of traditional HTTP session handling, explores session sharing strategies for clustered environments, and walks through a complete Java CAS‑based single sign‑on solution with code examples, highlighting the differences between CAS and OAuth2.
This tutorial demonstrates how to set up a Spring Security FormLogin authentication flow, including creating a demo project, customizing the login page, configuring security rules, defining users and roles, and testing the login process with custom success and failure handlers.
This tutorial demonstrates how to set up a Spring Cloud Gateway service with static route configuration, then extend it to support dynamic routing through Nacos, and finally implement custom authentication and global filters using Java and Spring Boot.
This tutorial walks through implementing login authentication using Spring Cloud Gateway and JWT, covering core concepts of authentication, authorization, credential handling, token generation, gateway validation, service integration, and token refresh strategies within a microservice architecture.
This article examines security challenges encountered in JD Logistics' sorting platform, details the investigative process for abnormal API requests, proposes a SHA‑256 based authentication scheme with digital signatures, compares industry‑wide API protection methods, and shares practical insights from the author's experience in financial API gateway design.
This article provides a comprehensive guide to Role‑Based Access Control (RBAC) concepts, model classifications, and permission management, then walks through practical Spring Security setups—including basic usage, in‑memory authentication, JWT integration, JSON‑based login, password encryption, and database‑backed authentication, complete with code snippets and diagrams.
This guide explains how Spring Security processes authentication and authorization failures, walks through the default exception flow, and demonstrates multiple ways to customize error handling—including custom failure handlers, access‑denied pages, and JSON responses—using Spring Boot 2.4.12.
This article provides an in‑depth guide to authentication, authorization, and access control, covering basic HTTP authentication, session‑cookie mechanisms, token‑based approaches, JWT structure, single sign‑on (SSO), OAuth 2.0 flows, unique login enforcement, QR‑code login, and one‑click mobile login, with practical code examples and diagrams.
This article provides a comprehensive guide on implementing role‑based access control (RBAC) with Spring Security, covering RBAC models, password encryption, in‑memory authentication, JWT integration, custom authentication filters for JSON login, and detailed configuration examples with full source code snippets.
This article explains RBAC concepts and model classifications, demonstrates role‑based permission management, and provides step‑by‑step guides for using Spring Security with simple authentication, JWT token generation, JSON‑based login, password encryption, and database‑backed user authentication in Java applications.
This article explains how to integrate JWT-based login authentication into a Spring Cloud micro‑service architecture using Spring Cloud Gateway, detailing the authentication flow, token generation, gateway validation, service‑side user handling, and token refresh strategies with practical code examples.
The article explains the concepts of Single Sign-On and OAuth2.0, compares their trust, resource, and flow differences, and details how to implement SSO using OAuth2.0 or the CAS framework, while also promoting related Spring Cloud Alibaba video tutorials.
This article uses the Journey to the West story as a metaphor to explain credentials, the Cookie‑Session authentication model, and the JWT token scheme, comparing their mechanisms, advantages, disadvantages, and practical implications for modern microservice security.
This article provides a comprehensive guide to building a JWT authentication service in Java, covering JWT fundamentals, Spring Boot configuration, entity and DAO definitions, service interfaces, token generation and parsing, RSA key handling, controller endpoints, testing procedures, and a comparison with traditional session-based authentication.
This article explains traditional session and authentication mechanisms, the problems of session sharing in clustered and multi‑service environments, and presents practical SSO solutions—including CAS‑based single sign‑on and its differences from OAuth2—accompanied by complete Java Spring code examples.
This article explains the limitations of traditional HTTP session mechanisms, explores session sharing strategies in clustered environments, and provides a detailed walkthrough of implementing Single Sign-On using CAS, including code samples and a comparison with OAuth2 authentication.
This article explains why unified authentication is essential for product suites, reviews traditional session mechanisms and their limitations in clustered environments, explores session‑sharing strategies, introduces CAS‑based SSO workflows, compares CAS with OAuth2, and provides a complete Spring Boot demo with code snippets and configuration details.
This article provides a comprehensive step‑by‑step guide on building a permission management system with Spring Security, covering database design, entity classes, Maven configuration, security configuration, dynamic menu loading, front‑end rendering using Thymeleaf, and complete testing with sample code and screenshots.
This tutorial explains what SSO and CAS are, outlines the required development environment, walks through downloading, building, and deploying the CAS Server, shows how to configure the server and client (including disabling HTTPS for testing), and demonstrates successful cross‑application authentication with code examples.
Monet is a custom API gateway built on Spring Cloud Gateway that consolidates multiple platform endpoints into a single domain, providing unified routing, API management via Zookeeper, authentication and authorization, dynamic rate‑limiting with Sentinel, and extensible monitoring, addressing scalability and operational challenges of the Linglong platform.
This article explains how to integrate the CAS (Central Authentication Service) single sign‑on solution into a Spring Boot backend by adding necessary dependencies, configuring a series of CAS filters, creating a custom MyAuthenticationFilter to handle AJAX requests, and demonstrating a Vue.js frontend that interacts with the authentication flow, complete with screenshots of the login, ticket validation, and logout processes.
This article examines why passwords are often insecure, explains how they should be stored using hash algorithms and salts, outlines common password‑weaknesses and system vulnerabilities, and introduces FIDO/WebAuthn as a modern, password‑less authentication solution.
This article explains the classic HttpBasic authentication mode in Spring Security, its limited use cases, how to integrate it with a Spring Boot project by adding Maven dependencies and configuration code, and details the underlying Base64‑based mechanism with step‑by‑step illustrations.
This article provides a comprehensive introduction to the OAuth 2.0 protocol, covering its core concepts, authorization flow, four grant types (authorization code, implicit, resource owner password credentials, client credentials), request and response parameters, token handling, and practical examples with code snippets.
This article provides an in‑depth overview of JSON Web Tokens (JWT), explaining their structure, authentication workflow, advantages such as statelessness and CSRF protection, drawbacks like revocation difficulty, and presents practical solutions including blacklist, secret rotation, short‑lived tokens and refresh‑token strategies.
This article examines the challenges of securing API interfaces—including authentication for third‑party services and protection against request hijacking—and proposes a comprehensive RPC encryption framework that uses asymmetric and symmetric keys, signed payloads, and HTTPS fallback, detailing both client‑side and server‑side workflows, data structures, and providing links to the full source code.
KubeVela 1.4 introduces built‑in multi‑cluster authentication and authorization, a resource‑topology visualizer, the lightweight VelaD runtime, dozens of new plugins, and a host of workflow enhancements, while outlining the project’s roadmap for observability, workflow and application management.
This article explains why the MySQL 8.0 client may report the caching_sha2_password authentication error requiring a secure connection, describes the plugin’s design, RSA and SSL mechanisms, cache behavior, and provides practical commands and replication settings to resolve the issue.
This article explains how to add a universal app‑key whitelist authentication feature to a Spring‑Boot web framework by using four different mechanisms—traditional AOP, HandlerInterceptor, custom HandlerMethodArgumentResolver, and a Servlet Filter—while comparing their execution order and extensibility.
This article walks through the complete OAuth2 token generation process, covering gateway pre‑processing, client authentication, request handling, authentication object assembly, password validation, token creation, storage options, and response handling with code examples and diagrams.
This article explains the standard JWT claims, shows how to generate a token with custom claims in Java, and compares single‑token and double‑token renewal strategies, including practical steps, Redis storage tips, and a brief overview of WeChat web authorization.
This article explains the standard JWT claims, demonstrates how to generate a token with custom claims in Java, and compares single‑token and double‑token renewal schemes, including practical steps for handling expiration, refresh logic, and Redis‑based token storage.
This article explains a complete backend user login process, including phone verification, token generation, token expiration strategies, gateway token validation, logout handling, anonymous request options, blacklist management, and provides a Spring‑Redis implementation for request‑rate limiting.
This article provides a comprehensive tutorial on implementing Single Sign-On using the CAS (Central Authentication Service) framework, covering the concepts of SSO and CAS, required development environment, server-side deployment, client configuration, and end‑to‑end testing with detailed code examples.
This article provides a comprehensive tutorial on implementing Single Sign‑On using the open‑source CAS solution, covering the concepts of SSO and CAS, required development environment, server‑side deployment, client integration with Spring Boot, configuration details, and a complete end‑to‑end testing workflow.
This article details Snowball's transition from a single‑datacenter setup to a dual‑active, cloud‑native architecture using Apache APISIX, covering background challenges, problem analysis, gateway selection, architectural adjustments, authentication unification, observability enhancements, ZooKeeper integration, and future plans.
This article shares G7 Tech’s practical experience of exposing Kafka to the public internet, covering encryption, AAA, three authentication schemes, listener configuration, scaling for massive topics with Kubernetes, storage optimization, and integration with the gmq management platform and Kafka‑REST.
This article presents a Python command‑line book management system that supports adding, searching, deleting, modifying, and displaying books stored in a text file, and extends it with a simple login‑registration feature using file‑based user data, illustrating full CRUD operations and basic authentication.
This article provides a comprehensive overview of SSL VPN technology, covering its encryption principles, limitations of IPSec, virtual gateway functions, web proxy, file sharing, port forwarding, network expansion modes, endpoint security checks, certificate‑based authentication methods, typical application scenarios, and step‑by‑step configuration procedures.
Baidu’s ToB Account Permission Platform provides a unified, configurable login and permission service—including multi‑tenant account management, SSO, OAuth, and the GD‑RBAC model—delivering secure, high‑performance access for over ten million enterprise accounts across multiple product lines.
This article explains the SSH protocol, covering its default port, the step‑by‑step handshake process—including connection establishment, version and algorithm negotiation, key exchange, and user authentication methods—while also describing common clients like PuTTY and OpenSSH and the role of symmetric and asymmetric encryption.
This article provides a comprehensive overview of SSL VPN technology, detailing its advantages over IPSec, core functions such as virtual gateways, web proxy, file sharing, port forwarding, network extension, endpoint security, logging, authentication methods, typical application scenarios, and step‑by‑step configuration procedures.
This article provides a detailed, step‑by‑step tutorial on building a Spring Security‑based Single Sign‑On solution using JWT, covering SSO concepts, JWT structure, RSA encryption, custom authentication filters, Maven project setup, configuration files, and full code examples for both authentication and resource services.
This article outlines essential SaaS product building guidelines, covering core feature definition, authentication, email notifications, multi‑tenant strategies, payment handling, hosted backend APIs, document‑oriented databases, hosted databases, and background processing with serverless and message‑bus solutions.
This article analyzes intermittent page failures caused by blocked Keycloak public‑key retrieval in a Spring Boot application, explains how default HTTP client timeouts of –1 lead to indefinite waits, and provides a filter‑based solution to set proper timeouts and adjust internal/external URLs.
This article provides a comprehensive 20,000‑word guide on building a Spring Security‑based single sign‑on solution using JWT, covering the SSO concept, token structure, RSA encryption, Maven project setup, configuration files, custom authentication and verification filters, and end‑to‑end testing with Postman.
This article explains what JSON Web Token (JWT) is, its underlying mechanism and data structure, compares it with traditional session authentication, and demonstrates how JWT can be used for cross‑domain single sign‑on, access/refresh token handling, and secure API authentication.
This article explains the lightweight JWT specification, demonstrates how to build a token with header, payload, and signature using Base64 encoding and Node.js, and discusses its security properties, verification process, and suitable use cases for web authentication.
This article explains the lightweight JWT specification, walks through its three-part structure (header, payload, signature), shows how to encode and sign a token with Node.js, and demonstrates using a JWT‑based link to perform a friend‑request operation without requiring the recipient to log in.
This article explains how to integrate the Apache Shiro security framework into a Spring Boot application, covering core components, Maven configuration, bean definitions, custom realms, filter chains, and the complete login authentication process with code examples.
This article explains the fundamental differences between JSON Web Token (JWT) and OAuth2, describes how each works, provides code examples of JWT structure, outlines OAuth2 roles and flows, and discusses practical scenarios, advantages, and drawbacks for securing APIs.
This article explains the fundamentals of OAuth2.0, distinguishes it from SSO, describes the three main participants, outlines the complete authorization flow with step‑by‑step details, defines key terminology, and discusses deployment scenarios such as web servers, user‑agent apps, and native applications.
This article provides a comprehensive guide on integrating Apache Shiro into a Spring Boot application, covering core components, Maven configuration, bean definitions, security manager setup, custom realms, filter chain configuration, and the complete login authentication flow with code examples.
This article explains why and how to extend Spring Security with custom OAuth2 grant types, using a mobile‑password example that demonstrates creating a custom UserDetailService, AuthenticationToken, TokenGranter, AuthenticationProvider, and the necessary Spring Cloud configuration steps.
This article explains four Spring‑Boot techniques—traditional AOP, HandlerInterceptor, custom HandlerMethodArgumentResolver, and Servlet Filter—to perform generic authentication with code examples and a final comparison of their execution order.
This article provides an in‑depth tutorial on Spring Security, covering its core concepts, authentication flow, project setup, dependency imports, custom UserDetailsService, password encoding, login handling, role‑based access control, CSRF protection, and integration with Thymeleaf, complete with practical code examples.
This article explains the principles and workflow of Single Sign-On (SSO) using OAuth2.0, illustrates the process with a real‑life scenario, compares multi‑point and single‑point login, and provides a complete Spring Boot example for building an authorization server, client, and role‑based access control in micro‑service architectures.
This guide shows how to configure KubeSphere’s multi‑tenant authentication by integrating Dex as an OIDC provider with GitLab, covering Dex installation via Helm, customizing values, updating KubeSphere’s cluster configuration, and verifying the new “Login via Dex” flow.
This article provides a detailed overview of authentication mechanisms, covering UI login methods such as Basic, LDAP, OAuth, Kerberos, and SSO, API call verification techniques like HMAC and JWT, and practical design guidelines for implementing SSO with CAS in micro‑service architectures.
This article explains the principles of Single Sign‑On using OAuth2.0, illustrates the workflow with a real‑world analogy, and provides a complete SpringBoot example—including authorization server, client configuration, role‑based access control, and micro‑service integration—so readers can master SSO implementation and security design.
