Tagged articles

653 articles

Page 5 of 7

Jan 9, 2022 · Backend Development

Designing a Multi‑Account Unified Login System: Schemas, Flows, and Optimizations

This article explains how to design a scalable multi‑account login system by describing self‑built phone‑number authentication, optimized password‑less registration, third‑party OAuth integration, database schema separation, and one‑click carrier‑based login, while highlighting advantages, drawbacks, and implementation details.

AuthenticationBackendDatabase design

0 likes · 16 min read

Designing a Multi‑Account Unified Login System: Schemas, Flows, and Optimizations

HomeTech

Jan 4, 2022 · Backend Development

Design and Implementation of an API Gateway for High-Concurrency Scenarios

This article details the step‑by‑step design, architecture, plugin configuration, authentication methods, code implementation, and performance testing of a Kong‑based API gateway built to handle millions of QPS during large‑scale events, highlighting challenges, solutions, and future directions.

AuthenticationBackend DevelopmentKong

0 likes · 12 min read

Design and Implementation of an API Gateway for High-Concurrency Scenarios

Architect

Jan 1, 2022 · Cloud Native

Building a Spring Cloud Gateway Service with Dynamic Routing via Nacos and Authentication Filter

This tutorial demonstrates how to set up a Spring Cloud Gateway service using SpringBoot 2.1, configure static and dynamic routes with Nacos, implement a custom authentication filter, and manage route updates without restarting the gateway, providing a comprehensive guide for beginners.

AuthenticationJavaNacos

0 likes · 12 min read

Building a Spring Cloud Gateway Service with Dynamic Routing via Nacos and Authentication Filter

Code Ape Tech Column

Dec 30, 2021 · Backend Development

Implementing JWT Invalidation with Redis Blacklist in Spring Cloud Gateway

This article explains how to invalidate JWT tokens during password changes, permission updates, or logout by using a Redis-backed blacklist approach in Spring Cloud Gateway, detailing the extraction of the token's jti, gateway filtering, downstream modifications, and a logout endpoint implementation.

AuthenticationBackendJWT

0 likes · 8 min read

Implementing JWT Invalidation with Redis Blacklist in Spring Cloud Gateway

Practical DevOps Architecture

Dec 29, 2021 · Operations

Installing and Configuring OpenLDAP on Linux

This guide walks through installing OpenLDAP packages, loading schema files, configuring domain settings, enabling the memberof and refint modules, and installing phpLDAPadmin on a Linux server, providing all necessary commands and LDIF examples.

AuthenticationLDAPLinux

0 likes · 6 min read

Installing and Configuring OpenLDAP on Linux

Top Architect

Dec 24, 2021 · Backend Development

Token, Timestamp, and Sign: Implementing Secure API Authentication with Spring Boot and Redis

This article explains the concepts of token, timestamp, and sign, describes how they are used together to secure API calls, shows how to prevent duplicate submissions, and provides complete Spring Boot code examples—including Redis configuration, interceptors, utilities, and ThreadLocal handling—for building a robust backend authentication system.

AuthenticationTokenapi-security

0 likes · 23 min read

Token, Timestamp, and Sign: Implementing Secure API Authentication with Spring Boot and Redis

Selected Java Interview Questions

Dec 22, 2021 · Backend Development

User Login Flow, Token Management, and Anonymous Access Implementation in a Java Backend

This article explains the complete user login process, token generation and validation, token expiration policies, logout handling, and two approaches for anonymous requests—authorized tokens with rate limiting and path‑based regex rules—illustrated with diagrams and Java/Redis code examples.

AuthenticationSecurityToken

0 likes · 9 min read

User Login Flow, Token Management, and Anonymous Access Implementation in a Java Backend

Code Ape Tech Column

Dec 21, 2021 · Cloud Native

Integrating Spring Cloud Gateway with OAuth2.0 for Unified Authentication and Authorization

This article demonstrates how to build a unified authentication and authorization solution by integrating Spring Cloud Gateway with OAuth2.0, covering architecture design, service setup, JWT token handling, custom authentication and authorization managers, Redis-based permission management, and end‑to‑end testing steps.

AuthenticationJWTOAuth2.0

0 likes · 12 min read

Integrating Spring Cloud Gateway with OAuth2.0 for Unified Authentication and Authorization

Java Architect Essentials

Dec 17, 2021 · Mobile Development

One-Click Mobile Number Login and Verification Services from China Mobile, China Telecom, and China Unicom

The article explains how China Mobile, China Telecom, and China Unicom provide one‑click mobile number login and verification services, detailing SDK capabilities, required network conditions, token acquisition methods, and security considerations for iOS, Android, H5, and mini‑program integrations.

AndroidAuthenticationSDK

0 likes · 12 min read

One-Click Mobile Number Login and Verification Services from China Mobile, China Telecom, and China Unicom

Java Architect Essentials

Dec 15, 2021 · Information Security

Mastering Single Sign‑On: Principles, Architecture, and Java Implementation

This article explains the fundamentals of HTTP's stateless nature, session handling in single‑system web apps, the challenges of multi‑system environments, and presents a detailed walkthrough of Single Sign‑On concepts, token‑based authentication flow, global versus local sessions, deployment considerations, and a step‑by‑step Java implementation with code examples.

AuthenticationJavaSSO

0 likes · 17 min read

Mastering Single Sign‑On: Principles, Architecture, and Java Implementation

Code Ape Tech Column

Dec 9, 2021 · Information Security

Customizing Exception Responses in Spring Security OAuth2

This article explains how to customize authentication and resource server exception messages in Spring Security OAuth2, covering the creation of custom translators, entry points, and filters, with step‑by‑step code examples and testing procedures for handling username/password errors, grant type errors, client credential errors, token expiration, and insufficient permissions.

AuthenticationBackendException Handling

0 likes · 10 min read

Customizing Exception Responses in Spring Security OAuth2

Ops Development Stories

Dec 8, 2021 · Cloud Native

How to Build a Custom Kubernetes Authentication Webhook with GitHub and LDAP

This article explains how to create a custom Kubernetes authentication webhook in Go that supports GitHub token and LDAP authentication, details the required API Server configuration, provides full code examples, and demonstrates testing both methods, illustrating a practical way to integrate external account systems with Kubernetes.

AuthenticationCloud NativeGitHub

0 likes · 15 min read

How to Build a Custom Kubernetes Authentication Webhook with GitHub and LDAP

Code Ape Tech Column

Dec 6, 2021 · Information Security

Integrating OAuth2.0 with JWT in Spring Security – Advanced Tutorial

This article explains how to integrate OAuth2.0 with JWT token issuance in Spring Security, covering transparent vs opaque tokens, server‑side configuration, resource‑server validation, testing with Postman, and key source‑code snippets for a complete end‑to‑end authentication solution.

AuthenticationBackendJWT

0 likes · 9 min read

Integrating OAuth2.0 with JWT in Spring Security – Advanced Tutorial

Java High-Performance Architecture

Dec 2, 2021 · Information Security

Mastering Spring Boot Security: A Minimalist Guide to Integrating Apache Shiro

This tutorial walks through building a Spring Boot application with Apache Shiro, covering core concepts, database schema design, Maven dependencies, configuration files, entity and DAO layers, service implementations, Shiro realm and security configuration, login handling, role and permission testing, and future extension ideas.

Apache ShiroAuthenticationAuthorization

0 likes · 19 min read

Mastering Spring Boot Security: A Minimalist Guide to Integrating Apache Shiro

Code Ape Tech Column

Dec 2, 2021 · Information Security

Comprehensive Guide to OAuth2.0: Principles, Four Grant Types, and Implementation with Spring Security

This article explains why OAuth2.0 is needed, clarifies the differences between tokens and passwords, describes the OAuth2.0 protocol and its four grant types, and provides a step‑by‑step Spring Boot + Spring Cloud Alibaba implementation of an authorization server and a resource server with full code examples.

AuthenticationAuthorizationSpring Boot

0 likes · 22 min read

Comprehensive Guide to OAuth2.0: Principles, Four Grant Types, and Implementation with Spring Security

DevOps

Nov 30, 2021 · Cloud Native

Understanding Serverless: Optimism Traps, Vendor Lock‑In, and Best‑Practice Design

This article examines the hidden pitfalls of technology optimism, the inevitable vendor lock‑in of serverless platforms, and how to apply timeless architectural principles—such as abstraction, service layers, and token‑based authentication—to design portable, testable, and maintainable serverless applications across Azure and AWS.

AuthenticationCloud NativeDeployment

0 likes · 20 min read

Understanding Serverless: Optimism Traps, Vendor Lock‑In, and Best‑Practice Design

Code Ape Tech Column

Nov 29, 2021 · Information Security

Implementing JWT-Based Authentication and Authorization with Spring Security in a Frontend‑Backend Separated Architecture

This article explains how to use Spring Security together with JWT to build a stateless authentication system for front‑end/back‑end separated applications, covering token issuance, refresh logic, custom filters, handlers, UserDetailsService implementation, global security configuration, and testing procedures.

AuthenticationAuthorizationBackend

0 likes · 12 min read

Implementing JWT-Based Authentication and Authorization with Spring Security in a Frontend‑Backend Separated Architecture

Programmer DD

Nov 24, 2021 · Information Security

Shiro vs Spring Security: Which Java Security Framework Fits Your Project?

This article compares Apache Shiro and Spring Security, outlining their core concepts, execution flows, key features, and practical guidance to help developers choose the most suitable Java security framework based on project requirements and team expertise.

AuthenticationAuthorizationJava Security

0 likes · 5 min read

Shiro vs Spring Security: Which Java Security Framework Fits Your Project?

Full-Stack Internet Architecture

Nov 8, 2021 · Information Security

Comprehensive Apache Shiro Tutorial: Introduction, Configuration, Realms, Authentication Strategies, Encryption, Salt, Authorization, Spring Integration, and Caching

This extensive guide explains Apache Shiro's core concepts, demonstrates how to set up simple authentication, configure various Realm types, apply multi‑realm authentication strategies, encrypt passwords with hashing and salting, implement custom authorization, integrate Shiro with Spring MVC, explore different login methods, use JSP tags for UI control, and enable caching with Ehcache, providing complete code examples throughout.

Apache ShiroAuthenticationAuthorization

0 likes · 47 min read

Comprehensive Apache Shiro Tutorial: Introduction, Configuration, Realms, Authentication Strategies, Encryption, Salt, Authorization, Spring Integration, and Caching

Mike Chen's Internet Architecture

Oct 29, 2021 · Information Security

Understanding Single Sign-On (SSO): Why It Is Needed and How It Works

This article explains the necessity of Single Sign-On (SSO) in multi‑system environments, traces its origins from monolithic web applications to distributed clusters, and describes common implementation approaches for same‑domain and cross‑domain scenarios, including the use of a central authentication center such as CAS.

AuthenticationSSOSecurity

0 likes · 6 min read

Understanding Single Sign-On (SSO): Why It Is Needed and How It Works

Code Ape Tech Column

Oct 29, 2021 · Information Security

Understanding OAuth2 Single Sign-On (SSO) and Its Spring Boot Implementation

This article explains the principles of Single Sign-On using OAuth2.0, illustrates the flow with a real‑world analogy, details HTTP redirection, compares grant types, and provides a complete Spring Boot implementation of an authorization server, client application, and role‑based access control for microservices.

AuthenticationAuthorizationSSO

0 likes · 12 min read

Understanding OAuth2 Single Sign-On (SSO) and Its Spring Boot Implementation

Aikesheng Open Source Community

Oct 27, 2021 · Databases

How to Use MySQL Proxy Users in MySQL 8.0 – Replacing Proxy with Roles and Practical Demonstration

This article explains why MySQL 8.0 no longer requires the legacy proxy user feature, shows how to replace it with roles, and provides a step‑by‑step demonstration—including plugin installation, user creation, privilege granting, and the two main limitations of proxy users—using concrete MySQL commands and code snippets.

AuthenticationDatabaseSecurityMySQL8.0

0 likes · 7 min read

How to Use MySQL Proxy Users in MySQL 8.0 – Replacing Proxy with Roles and Practical Demonstration

Programmer DD

Oct 20, 2021 · Backend Development

Master JWT: Secure Token Authentication with Spring Boot, Angular & JJWT

This guide explains what JWT is, its structure, security best practices, and demonstrates a complete implementation using the JJWT Java library together with Spring Boot and Angular, including Maven setup, filter, controllers, and a front‑end example to authenticate users and enforce role‑based access.

AngularAuthenticationJSON Web Token

0 likes · 14 min read

Master JWT: Secure Token Authentication with Spring Boot, Angular & JJWT

Java Architect Essentials

Oct 17, 2021 · Backend Development

Unified Multi-Account Login: Architecture, Flow, and Database Design

This article explains the concept of multi‑account login using third‑party identities, describes early‑stage username/password and mobile‑number authentication flows, presents a detailed database schema, and outlines the integration process for services like QQ‑SDK following OAuth2.0 principles.

AuthenticationOAuth2login

0 likes · 9 min read

Unified Multi-Account Login: Architecture, Flow, and Database Design

Top Architect

Oct 12, 2021 · Information Security

Implementing JWT Authentication with Spring Boot, Angular, and JJWT

This article explains what JSON Web Tokens are, their structure and security best practices, and demonstrates a complete JWT‑based authentication example using Spring Boot on the backend, the JJWT library, and an Angular front‑end, including Maven configuration, Java filter, controllers, and client‑side code.

AngularAuthenticationJWT

0 likes · 13 min read

Implementing JWT Authentication with Spring Boot, Angular, and JJWT

Java Architect Essentials

Oct 8, 2021 · Information Security

Understanding Authentication, Authorization, and Tokens: From Cookies to JWT

This article explains the fundamentals of authentication, authorization, and credentials, compares cookies, sessions, and tokens, details token types such as access and refresh tokens, introduces JWT principles and usage, and discusses security considerations and distributed session‑sharing strategies for modern web applications.

AuthenticationAuthorizationCookie

0 likes · 22 min read

Understanding Authentication, Authorization, and Tokens: From Cookies to JWT

DeWu Technology

Oct 1, 2021 · Databases

MySQL 8.0 New Authentication Plugin: caching_sha2_password

MySQL 8.0 replaces the default mysql_native_password with the caching_sha2_password plugin, which stores a 70‑byte salted SHA‑256 hash with configurable rounds, caches SHA256(password) for fast logins, and falls back to RSA‑encrypted full verification on insecure connections, supporting user creation, replication and key management.

AuthenticationRSAcaching_sha2_password

0 likes · 14 min read

MySQL 8.0 New Authentication Plugin: caching_sha2_password

Top Architect

Sep 26, 2021 · Information Security

Implementing JWT Authentication with Spring Boot and Angular

This article explains what JSON Web Tokens (JWT) are, describes their structure and security considerations, and provides a complete Spring Boot and Angular example—including Maven configuration, Java filter and controller code, Angular services and UI—to demonstrate how to generate, validate, and use JWTs for authentication and role‑based access control.

AngularAuthenticationJWT

0 likes · 14 min read

Implementing JWT Authentication with Spring Boot and Angular

Programmer DD

Sep 22, 2021 · Information Security

Why Sa-Token Is the Simplest Java Permission Framework for SpringBoot

This article introduces Sa-Token, a lightweight Java permission authentication framework, showcases its simple API with code examples, lists its extensive features such as login, SSO, OAuth2.0 and distributed sessions, and provides Maven dependency, configuration, and quick‑start demo for SpringBoot projects.

AuthenticationJavaSa-Token

0 likes · 11 min read

Why Sa-Token Is the Simplest Java Permission Framework for SpringBoot

GrowingIO Tech Team

Sep 16, 2021 · Information Security

How GrowingIO Unified OAuth2, LDAP, and CAS for Seamless SSO Integration

GrowingIO’s server-side solution integrates three distinct authentication protocols—OAuth2, LDAP, and CAS—into a unified SSO flow, detailing each protocol’s process, the overall architecture, role of the IAM and Gateway components, and providing configuration and code examples for implementation.

AuthenticationCASLDAP

0 likes · 12 min read

How GrowingIO Unified OAuth2, LDAP, and CAS for Seamless SSO Integration

Java Architect Essentials

Sep 13, 2021 · Information Security

Token-Based Authentication System: Scenarios, Types, and Hierarchical Design

This article analyzes various client scenarios in multi‑client information systems, categorizes authentication tokens (password, session, API, access, PAM, MAP), compares their natural and controllable attributes, proposes a hierarchical token architecture, and discusses security, privacy, and practical application considerations.

Authenticationaccess controlidentity

0 likes · 13 min read

Token-Based Authentication System: Scenarios, Types, and Hierarchical Design

MaGe Linux Operations

Sep 7, 2021 · Information Security

How QR Code Login Works: From Scanning to Secure Token Authentication

QR code login lets users authenticate on a PC by scanning a code with a pre‑logged‑in mobile app, using a token‑based system that verifies identity without transmitting passwords, and involves QR generation, status polling, temporary tokens, and final confirmation to securely log in.

AuthenticationMobileQR code

0 likes · 12 min read

How QR Code Login Works: From Scanning to Secure Token Authentication

Programmer DD

Sep 7, 2021 · Information Security

Understanding Keycloak Realms: Isolation, Management, and Best Practices

This article explains what a Keycloak Realm is, when to use it, the role of the built‑in Master Realm, how to create and manage additional Realms, and practical methods for setting up Realm‑specific admin accounts using both Master users and realm client users.

AuthenticationIdentity ManagementKeycloak

0 likes · 6 min read

Understanding Keycloak Realms: Isolation, Management, and Best Practices

Architecture Digest

Aug 27, 2021 · Backend Development

Four Ways to Implement a Generic AppKey Whitelist in Spring Boot

This article explains four approaches to adding a generic appkey whitelist check in a Spring Boot web framework—traditional AOP, HandlerInterceptor, custom HandlerMethodArgumentResolver, and Servlet Filter—providing implementation steps, code examples, and a discussion of their execution order and extensibility.

ArgumentResolverAuthenticationInterceptor

0 likes · 12 min read

Four Ways to Implement a Generic AppKey Whitelist in Spring Boot

IT Architects Alliance

Aug 25, 2021 · Information Security

Understanding Single Sign-On (SSO) Mechanism and Java Implementation

This article explains the stateless nature of HTTP, the session and cookie mechanisms for single‑system login, the challenges of multi‑system environments, and provides a detailed overview of Single Sign‑On (SSO) concepts, token flow, and step‑by‑step Java code examples for client and server implementations.

AuthenticationJavaSSO

0 likes · 14 min read

Understanding Single Sign-On (SSO) Mechanism and Java Implementation

macrozheng

Aug 24, 2021 · Backend Development

Master Microservice Authentication with Sa-Token and Spring Cloud Gateway

This tutorial walks through building a microservice authentication and authorization solution using Sa-Token, Spring Cloud Gateway, Nacos, and Redis, detailing the setup of gateway, authentication, and protected API services, configuration files, custom permission handling, and a complete demo with Postman.

AuthenticationAuthorizationJava

0 likes · 17 min read

Master Microservice Authentication with Sa-Token and Spring Cloud Gateway

Programmer DD

Aug 20, 2021 · Information Security

Keycloak + Spring Security: Unpacking the Filter Chain

This article examines how Keycloak integrates with Spring Security in a Spring Boot application, detailing the custom security filters added to the standard chain, the handling of authentication and authorization for the /admin/foo endpoint, and practical steps to enable detailed logging for deeper insight.

AuthenticationJavaKeycloak

0 likes · 8 min read

Keycloak + Spring Security: Unpacking the Filter Chain

21CTO

Aug 19, 2021 · Information Security

Comparing Top SaaS Identity Management Solutions: Okta, Auth0, and Frontegg

This article reviews three leading SaaS user‑management platforms—Okta, Auth0, and Frontegg—detailing their features, advantages, pricing, and differences in multi‑tenant support, social login, and plug‑in capabilities to help developers choose the best solution for their applications.

AuthenticationIdentity ManagementSSO

0 likes · 8 min read

Comparing Top SaaS Identity Management Solutions: Okta, Auth0, and Frontegg

macrozheng

Aug 19, 2021 · Backend Development

Mastering Sa-Token: Simplify SpringBoot Authentication and Authorization

This guide walks you through integrating the lightweight Sa-Token framework into a SpringBoot project, covering dependency setup, configuration, login, role and permission checks, as well as global exception handling, with complete code examples and practical screenshots.

AuthenticationAuthorizationJava

0 likes · 13 min read

Mastering Sa-Token: Simplify SpringBoot Authentication and Authorization

Code Ape Tech Column

Aug 19, 2021 · Information Security

Understanding Single Sign-On (SSO) and Session Management in Web Applications

This article explains the fundamentals of HTTP's stateless nature, session mechanisms, the challenges of multi‑system login, and provides a detailed guide with Java code examples on implementing Single Sign‑On (SSO) including token generation, validation, and global‑local session handling.

AuthenticationJavaSSO

0 likes · 15 min read

Understanding Single Sign-On (SSO) and Session Management in Web Applications

Selected Java Interview Questions

Aug 15, 2021 · Information Security

Understanding Web Login Security: Risks, Encryption Methods, Tokens, and Digital Signatures

This article examines common security vulnerabilities in web login processes, demonstrates how plain‑text passwords can be intercepted over HTTP/HTTPS, evaluates symmetric and asymmetric encryption, discusses the limitations of MD5, and proposes token‑based and digital‑signature solutions to protect credentials and data integrity.

AuthenticationHTTPSMD5

0 likes · 14 min read

Understanding Web Login Security: Risks, Encryption Methods, Tokens, and Digital Signatures

Top Architect

Aug 11, 2021 · Backend Development

Eight-Step User Authentication with JWT

This article explains an eight‑step JWT‑based user authentication flow, covering secure credential transmission, database verification, token creation, HttpOnly cookie handling, request validation, payload decoding, session versus JWT comparison, and cross‑domain single sign‑on configuration.

AuthenticationJWTSingle Sign-On

0 likes · 5 min read

MaGe Linux Operations

Aug 8, 2021 · Backend Development

Build Full‑Stack Python Apps in Minutes with Replit’s New replit.web Framework

Replit introduces replit.web, a Python framework that streamlines server launch, persistent storage with Repl DB, and user authentication via Repl Auth, allowing developers to create full‑stack applications with minimal code and effort.

AuthenticationBackendPython

0 likes · 4 min read

Build Full‑Stack Python Apps in Minutes with Replit’s New replit.web Framework

Programmer DD

Aug 7, 2021 · Information Security

Essential Keycloak Adapter Settings for Spring Security Integration

This article outlines the most commonly used Keycloak adapter configuration properties for Spring Security integration, explaining each setting such as realm, resource, auth-server-url, SSL requirements, CORS, bearer-only mode, and client credentials, and provides guidance on when and how to apply them.

AdapterAuthenticationAuthorization

0 likes · 6 min read

Essential Keycloak Adapter Settings for Spring Security Integration

Programmer DD

Aug 7, 2021 · Information Security

How to Seamlessly Integrate Keycloak with Spring Security in Spring Boot

This tutorial explains step‑by‑step how to add Keycloak authentication to a Spring Boot application using the Spring Security adapter, covering Maven dependencies, configuration files, custom resolvers, role mapping, session strategies, and the typical authorization code flow.

AuthenticationJavaKeycloak

0 likes · 10 min read

How to Seamlessly Integrate Keycloak with Spring Security in Spring Boot

Spring Full-Stack Practical Cases

Aug 6, 2021 · Information Security

How to Implement Remember-Me and Prevent Duplicate Logins in Spring Boot Security

Learn how to configure Spring Boot Security's remember‑me feature with a persistent token repository, set up the necessary SQL, customize the login page, and understand the underlying authentication flow to prevent duplicate logins and maintain user sessions across browser restarts.

AuthenticationJavaRemember Me

0 likes · 5 min read

How to Implement Remember-Me and Prevent Duplicate Logins in Spring Boot Security

Spring Full-Stack Practical Cases

Aug 5, 2021 · Backend Development

Master Spring Security: Step‑by‑Step Authentication Flow in Spring Boot

This article walks through the Spring Security authentication flow in a Spring Boot 2.2.11 application, detailing filter execution, token creation, provider selection, custom DaoAuthenticationProvider configuration, and session management, complemented by code snippets and diagrams for each step.

AuthenticationBackend DevelopmentJava

0 likes · 8 min read

Master Spring Security: Step‑by‑Step Authentication Flow in Spring Boot

Java Interview Crash Guide

Jul 29, 2021 · Backend Development

Spring Boot Auth Whitelist: AOP, Interceptor, Resolver, and Filter

This article compares four Spring Boot techniques—traditional AOP, HandlerInterceptor, custom HandlerMethodArgumentResolver, and Servlet Filter—for implementing a generic appkey whitelist validation, explains their implementation steps with code examples, and clarifies their execution order within the request processing pipeline.

AuthenticationJavaSpring Boot

0 likes · 11 min read

Spring Boot Auth Whitelist: AOP, Interceptor, Resolver, and Filter

macrozheng

Jul 27, 2021 · Information Security

Quickly Secure Your SpringBoot Apps with Keycloak: Docker Setup & OAuth2 Integration

This tutorial walks through installing Keycloak via Docker, exploring its admin console, configuring realms, users, and clients, and demonstrates both authorization code and password grant flows before integrating Keycloak with a SpringBoot application to protect APIs using OAuth2.

AuthenticationAuthorizationDocker

0 likes · 8 min read

Quickly Secure Your SpringBoot Apps with Keycloak: Docker Setup & OAuth2 Integration

Spring Full-Stack Practical Cases

Jul 26, 2021 · Information Security

Mastering JWT: Secure API Authentication with Spring Boot

This guide explains the fundamentals of JSON Web Tokens, their structure and claim types, typical use cases such as authorization and secure data exchange, and provides a step‑by‑step Spring Boot implementation including dependency setup, token generation, interceptor validation, and protected endpoint testing.

API SecurityAuthenticationJWT

0 likes · 7 min read

Mastering JWT: Secure API Authentication with Spring Boot

Code Ape Tech Column

Jul 23, 2021 · Information Security

Mastering OAuth2 SSO with SpringBoot: A Step‑by‑Step Guide

This article explains the principles of Single Sign‑On using OAuth2.0, illustrates the flow with a real‑world analogy, and provides a complete SpringBoot implementation for both the authorization server and client, including role‑based permission control and microservice integration.

AuthenticationAuthorizationMicroservices

0 likes · 11 min read

Mastering OAuth2 SSO with SpringBoot: A Step‑by‑Step Guide

NetEase Smart Enterprise Tech+

Jul 22, 2021 · Information Security

Mastering CAS-Based Single Sign-On: From Session Mechanics to Seamless Logout

This article explains a complete CAS-based single sign‑on solution, covering traditional session mechanisms, the CAS architecture, implementation of single sign‑on, session renewal, single logout, and practical extensions for multi‑system integration to ensure secure and seamless user experiences across enterprise applications.

AuthenticationCASSSO

0 likes · 12 min read

Mastering CAS-Based Single Sign-On: From Session Mechanics to Seamless Logout

Programmer DD

Jul 21, 2021 · Information Security

Why OIDC Extends OAuth2: Secure Authentication with Keycloak Explained

This article explains how OpenID Connect (OIDC) builds on OAuth 2.0 to provide authentication, demonstrates a practical Keycloak integration with a Spring Boot app, and walks through a complete authorization flow for a photo‑storage service using client credentials and secure token exchange.

AuthenticationAuthorizationKeycloak

0 likes · 8 min read

Why OIDC Extends OAuth2: Secure Authentication with Keycloak Explained

Architecture Digest

Jul 20, 2021 · Information Security

Understanding JSON Web Tokens (JWT) and Their Use in Authentication

This article explains the lightweight JWT specification, its three-part structure (header, payload, signature), how to create and encode tokens with example code, the purpose of signatures, security considerations, suitable use cases, and a step‑by‑step authentication flow comparing JWT with traditional session storage.

AuthenticationJWTSecurity

0 likes · 11 min read

Understanding JSON Web Tokens (JWT) and Their Use in Authentication

Programmer DD

Jul 16, 2021 · Information Security

Secure Your Spring Boot App with Keycloak: Step‑by‑Step OIDC Integration

This guide walks you through creating a Keycloak realm, registering a client, defining roles and mappings, obtaining and refreshing JWT tokens, and configuring a Spring Boot application with the Keycloak Spring Boot starter to protect endpoints via OIDC authentication.

AuthenticationAuthorizationJava

0 likes · 8 min read

Secure Your Spring Boot App with Keycloak: Step‑by‑Step OIDC Integration

MaGe Linux Operations

Jul 15, 2021 · Backend Development

How to Build a Custom User Model in Django Step‑by‑Step

This guide walks you through installing Django, creating an app, defining a custom user model with a manager, configuring AUTH_USER_MODEL, and migrating the database, enabling email‑based authentication and flexible user fields.

AuthenticationBackendDjango

0 likes · 7 min read

How to Build a Custom User Model in Django Step‑by‑Step

php Courses

Jul 12, 2021 · Information Security

Implementing Google Authenticator 2FA in PHP (ThinkPHP 6)

This tutorial explains how to download, configure, and use the PHP GoogleAuthenticator class for two‑factor authentication in a ThinkPHP 6 environment, including code examples for generating secrets, QR‑code URLs, storing them, and verifying user tokens.

2FAAuthenticationGoogle Authenticator

0 likes · 9 min read

Implementing Google Authenticator 2FA in PHP (ThinkPHP 6)

Java Architect Essentials

Jul 9, 2021 · Information Security

How Single Sign-On (SSO) Works: From Session Basics to Full Implementation

This article explains the stateless nature of HTTP, how session and cookie mechanisms enable login state in a single web system, the challenges of multi‑system environments, and provides a step‑by‑step guide with code examples for building a Java‑based Single Sign‑On solution, including token generation, validation, and logout handling.

AuthenticationJavaSSO

0 likes · 17 min read

How Single Sign-On (SSO) Works: From Session Basics to Full Implementation

Programmer DD

Jul 9, 2021 · Information Security

Hands‑On Keycloak: Install, Explore Realms & Users with Docker

This article walks you through installing Keycloak 14.0.0 via Docker, configuring the admin console, creating custom realms and users, and explains core concepts such as realms, authentication, authorization, roles, groups, clients, and identity providers for practical security integration.

AuthenticationAuthorizationDocker

0 likes · 8 min read

Hands‑On Keycloak: Install, Explore Realms & Users with Docker

Programmer DD

Jul 8, 2021 · Information Security

Keycloak Explained: Powerful Open‑Source SSO Solution, Pros & Cons

Keycloak, Red Hat’s open‑source identity and access management platform, offers a comprehensive SSO solution with extensive protocols, admin UI, Spring Security integration, and customizable features, but its complexity and steep learning curve may pose challenges for smaller projects.

AuthenticationAuthorizationIdentity Management

0 likes · 7 min read

Keycloak Explained: Powerful Open‑Source SSO Solution, Pros & Cons

Programmer DD

Jul 6, 2021 · Backend Development

Unified Multi-Channel Login with Spring Security: Password, SMS, and Mini‑App

This article demonstrates how to implement a unified authentication system in Spring Security that supports traditional username/password login, SMS-based captcha login, and WeChat Mini‑Program login, detailing the required components, custom filters, provider configurations, and code examples for a production‑ready solution.

AuthenticationCaptchaJava

0 likes · 14 min read

Unified Multi-Channel Login with Spring Security: Password, SMS, and Mini‑App

Top Architect

Jul 3, 2021 · Backend Development

Three Practical Methods for Implementing Single Sign-On (SSO) in B/S Systems

This article explains the principle of single sign‑on and compares three implementation techniques—parent‑domain cookies, a dedicated authentication centre, and cross‑domain LocalStorage—detailing their mechanisms, advantages, limitations, and providing sample code for the LocalStorage approach.

AuthenticationCookieSSO

0 likes · 11 min read

Three Practical Methods for Implementing Single Sign-On (SSO) in B/S Systems

macrozheng

Jun 30, 2021 · Cloud Native

Master APISIX: Deploy a Powerful Cloud‑Native API Gateway with Docker in Minutes

This guide introduces APISIX, a cloud‑native API gateway with visual management and dozens of plugins, walks through its core concepts, shows how to install it via Docker‑Compose, and demonstrates basic and advanced usage such as routing, authentication, rate limiting, and CORS support.

APISIXAuthenticationCORS

0 likes · 14 min read

Master APISIX: Deploy a Powerful Cloud‑Native API Gateway with Docker in Minutes

IT Architects Alliance

Jun 21, 2021 · Information Security

Token-Based Identity Authentication: Classification, Scenarios, and Security Considerations

This article analyses various client‑side authentication scenarios, classifies token types such as password, session, and API tokens, compares their cost, risk, and controllable attributes, and proposes a layered token architecture to improve security, privacy, and usability across multiple platforms.

AuthenticationSecuritySession

0 likes · 13 min read

Token-Based Identity Authentication: Classification, Scenarios, and Security Considerations

Code Ape Tech Column

Jun 17, 2021 · Backend Development

Four Ways to Implement Generic Auth in Spring Boot: AOP, Interceptor, ArgumentResolver, and Filter

This article explains how to add a generic app‑key whitelist authentication feature to a Spring Boot web framework using four different mechanisms—traditional AOP, HandlerInterceptor, custom HandlerMethodArgumentResolver, and Servlet Filter—providing implementation steps, code examples, and a discussion of their execution order.

ArgumentResolverAuthenticationInterceptor

0 likes · 12 min read

Four Ways to Implement Generic Auth in Spring Boot: AOP, Interceptor, ArgumentResolver, and Filter

Top Architect

Jun 15, 2021 · Information Security

Securing Spring Boot Applications with JWT and Spring Security

This tutorial explains how to protect a Spring Boot web application by integrating Spring Security and JSON Web Tokens (JWT), covering project setup, dependency configuration, custom authentication components, security filters, token generation, role‑based access control, and testing with curl commands.

AuthenticationJWTJava

0 likes · 15 min read

Securing Spring Boot Applications with JWT and Spring Security

Open Source Linux

Jun 14, 2021 · Operations

Master FTP with vsftpd: Install, Configure, and Secure Linux Transfers

This guide provides a comprehensive overview of the FTP protocol and its lightweight counterpart TFTP, then walks through installing, configuring, and securing the vsftpd service on Linux, covering active and passive modes, authentication options—including anonymous, local, and virtual users via text files or MySQL—and essential SELinux and firewall adjustments.

AuthenticationFTPLinux

0 likes · 23 min read

Master FTP with vsftpd: Install, Configure, and Secure Linux Transfers

IT Architects Alliance

Jun 14, 2021 · Backend Development

Designing a High‑Performance Microservice Gateway: Routing, Load‑Balancing & Resilience

This article presents a comprehensive design guide for a microservice gateway, covering functional aspects such as routing, load‑balancing, aggregation, authentication, rate limiting, circuit breaking, and retries, as well as non‑functional concerns like high performance, high availability, scalability, extensibility, and observability.

AuthenticationMicroserviceScalability

0 likes · 15 min read

Designing a High‑Performance Microservice Gateway: Routing, Load‑Balancing & Resilience

ITFLY8 Architecture Home

Jun 12, 2021 · Backend Development

Designing a High‑Performance Microservice API Gateway: Routing, Load Balancing, and Resilience

This article outlines a comprehensive design for a microservice API gateway, covering functional aspects such as routing, load‑balancing algorithms, service aggregation, authentication, traffic control, circuit breaking, and caching, as well as non‑functional concerns like high performance, high availability, scalability, statelessness, and monitoring.

AuthenticationMicroservicesapi-gateway

0 likes · 15 min read

Designing a High‑Performance Microservice API Gateway: Routing, Load Balancing, and Resilience

DevOps Cloud Academy

May 31, 2021 · Cloud Native

Deploying and Configuring Harbor: A Cloud‑Native Docker Registry on Kubernetes

This article explains how to install and configure Harbor, an open‑source CNCF‑hosted cloud‑native Docker registry, covering its authentication mechanism, Helm‑based deployment on Kubernetes, required prerequisites, TLS handling, and practical steps for pushing and pulling container images.

AuthenticationCloud NativeDocker Registry

0 likes · 17 min read

Deploying and Configuring Harbor: A Cloud‑Native Docker Registry on Kubernetes

ITFLY8 Architecture Home

May 23, 2021 · Backend Development

Designing Scalable Multi-Account Login: Strategies, Flows, and Database Schemas

This article outlines practical approaches for implementing multi‑account login, covering early‑stage username/password and phone‑based registration, detailed authentication flows, OAuth2 integration with third‑party providers, and comprehensive database schema designs to unify local and external user identities.

AuthenticationBackend DevelopmentDatabase design

0 likes · 9 min read

Designing Scalable Multi-Account Login: Strategies, Flows, and Database Schemas

Programmer DD

May 20, 2021 · Information Security

Mastering JWT Bearer Grant in Spring Security 5.5 for OAuth2.0

Spring Security 5.5 introduces the JWT Bearer grant, an OAuth2.0 authorization mode defined in RFC7523, allowing clients to obtain access tokens using trusted JWTs and also to authenticate themselves, offering a streamlined alternative to traditional user‑approval flows.

AuthenticationJWTOAuth2

0 likes · 6 min read

Mastering JWT Bearer Grant in Spring Security 5.5 for OAuth2.0

IT Architects Alliance

May 18, 2021 · Backend Development

Design of a Microservice API Gateway: Functional and Non‑Functional Considerations

This article outlines a comprehensive design for a microservice API gateway, covering functional aspects such as routing, load balancing, aggregation, authentication, rate limiting, circuit breaking, caching, retries, and logging, as well as non‑functional concerns like high performance, high availability, scalability, and monitoring, with practical implementation options and recommendations.

AuthenticationMicroservicecircuit breaker

0 likes · 14 min read

Design of a Microservice API Gateway: Functional and Non‑Functional Considerations

Full-Stack Internet Architecture

May 18, 2021 · Information Security

Understanding Cookies, Sessions, and JWT Tokens: Comparison, Advantages, and Pitfalls

This article explains the evolution from cookies to server‑side sessions and finally to JWT tokens, compares their mechanisms, discusses scalability and security challenges such as CSRF, and provides guidance on when to choose each authentication method.

AuthenticationCSRFCookie

0 likes · 14 min read

Understanding Cookies, Sessions, and JWT Tokens: Comparison, Advantages, and Pitfalls

IT Architects Alliance

May 5, 2021 · Information Security

Token-Based Identity Authentication: Scenarios, Types, and Hierarchical Design

This article analyzes various client scenarios in multi‑client systems, classifies authentication tokens into password, session, and interface categories, compares their natural and controllable attributes, and proposes a layered token hierarchy to improve security, privacy, and usability across web, mobile, and API platforms.

AuthenticationSecurityToken

0 likes · 9 min read

Token-Based Identity Authentication: Scenarios, Types, and Hierarchical Design

Programmer DD

May 4, 2021 · Information Security

How QR Code Login Works: From Token Generation to Secure Authentication

This article explains the underlying principles of QR code login, detailing how the system identifies users, proves their identity through token‑based authentication, and manages the state transitions from scanning to confirmation, while also covering the role of QR code generation and temporary tokens.

AuthenticationQR codeToken

0 likes · 12 min read

How QR Code Login Works: From Token Generation to Secure Authentication

Architect

May 2, 2021 · Information Security

Token-Based Authentication Architecture: Classification, Scenarios, and Security Considerations

This article analyzes various authentication token types, their usage scenarios across web, mobile, and API clients, compares their natural and controllable attributes, proposes a hierarchical token model, and offers security guidelines for designing a robust multi‑client identity verification system.

AuthenticationSecurityToken

0 likes · 13 min read

Token-Based Authentication Architecture: Classification, Scenarios, and Security Considerations

MaGe Linux Operations

Apr 20, 2021 · Backend Development

Master Python Requests: GET, POST, HTTPS, File Transfer, Auth & Test Automation

This guide demonstrates how to use Python's requests library for sending GET, POST, and HTTPS requests, handling file uploads and downloads, managing timeouts, performing authentication, session and token handling, generating signatures, and organizing a complete API test automation framework.

API testingAuthenticationAutomation

0 likes · 13 min read

Master Python Requests: GET, POST, HTTPS, File Transfer, Auth & Test Automation

Top Architect

Apr 20, 2021 · Information Security

Integrating JWT Authentication in Spring Boot

This article explains the fundamentals of JSON Web Tokens (JWT), their structure, main use cases, and provides a step‑by‑step guide for integrating JWT authentication into a Spring Boot application, including dependency setup, custom annotations, token generation, interceptor implementation, and configuration details.

AuthenticationJWTJava

0 likes · 16 min read

Integrating JWT Authentication in Spring Boot

Programmer DD

Apr 15, 2021 · Information Security

How QR Code Login Works: Token Authentication and Secure Scanning Explained

This article explains the underlying principles of QR code login, detailing how token‑based authentication, QR code generation, and state transitions enable secure, password‑less login across PC, web, and mobile platforms.

AuthenticationTokenlogin

0 likes · 12 min read

How QR Code Login Works: Token Authentication and Secure Scanning Explained

Spring Full-Stack Practical Cases

Apr 9, 2021 · Information Security

How to Prevent Spring Security Session Timeout Redirects in NW.js Apps

This article explains why Spring Security redirects to the login page after 30 minutes of inactivity in a NW.js application, examines the underlying session handling code, and shows how to implement a custom success handler to preserve the user's original page.

AuthenticationNW.jssession timeout

0 likes · 4 min read

How to Prevent Spring Security Session Timeout Redirects in NW.js Apps

Programmer DD

Apr 9, 2021 · Information Security

Designing a Multi-Client Token-Based Authentication System: Strategies and Best Practices

This article analyzes various client scenarios, classifies authentication tokens, compares their natural and controllable attributes, and proposes a hierarchical token architecture that balances security, privacy, and usability across web, mobile, and API platforms.

AuthenticationIdentity verificationToken

0 likes · 10 min read

Designing a Multi-Client Token-Based Authentication System: Strategies and Best Practices

Spring Full-Stack Practical Cases

Apr 7, 2021 · Information Security

How Spring Security Authenticates Users: A Step‑by‑Step Deep Dive

This tutorial walks through Spring Security's authentication flow in a Spring Boot 2.2.11 application, detailing filter execution, token creation, provider verification, custom DaoAuthenticationProvider configuration, and session management with code examples and diagrams.

AuthenticationBackendJava

0 likes · 7 min read

How Spring Security Authenticates Users: A Step‑by‑Step Deep Dive

Top Architect

Mar 31, 2021 · Information Security

Comparison of Apache Shiro and Spring Security: Features, Execution Flow, and Choosing the Right Framework

This article compares Apache Shiro and Spring Security, outlining each framework's features, execution flow, and strengths, and provides guidance on when to choose Shiro for lightweight, framework-agnostic projects versus Spring Security for deeper Spring integration and broader community support.

AuthenticationAuthorizationJava

0 likes · 5 min read

Comparison of Apache Shiro and Spring Security: Features, Execution Flow, and Choosing the Right Framework

Open Source Linux

Mar 31, 2021 · Information Security

How QR Code Login Works: From Tokens to Secure Authentication

This article explains the principles behind QR codes, how they are used for secure login by transmitting identity and proof through token‑based authentication, and walks through each step of the QR‑code login flow from generation to confirmation.

AuthenticationBackendMobile

0 likes · 11 min read

How QR Code Login Works: From Tokens to Secure Authentication

Architects Research Society

Mar 27, 2021 · Backend Development

Understanding API Gateways and Their Role in Microservice Architectures

This article explains what API gateways are, why they are essential in microservice architectures, and how they address cross‑cutting concerns such as authentication, transport security, load balancing, request routing, dependency resolution, and data transformation, illustrated with a Node.js example.

AuthenticationJWTMicroservices

0 likes · 12 min read

Understanding API Gateways and Their Role in Microservice Architectures

Senior Brother's Insights

Mar 14, 2021 · Backend Development

Inside Zhaozhuan’s Service Governance: Architecture, Registration, and Monitoring

Facing the complexities of microservice adoption, Zhaozhuan’s service governance platform integrates service registration, discovery, configuration, monitoring, authentication, and rate limiting via an SDK‑driven architecture, illustrating AP‑style registration, node grouping, gray‑release discovery, real‑time metrics aggregation, and method‑level access control.

Authenticationrate limitingservice governance

0 likes · 14 min read

Inside Zhaozhuan’s Service Governance: Architecture, Registration, and Monitoring

dbaplus Community

Mar 11, 2021 · Databases

Why MySQL “Public Key Retrieval is not allowed” Happens and How to Fix It

This article analyzes the intermittent “Public Key Retrieval is not allowed” error in MySQL 8.0 when using JDBC, C3P0, or Druid connections, explains the authentication plugins involved, and provides step‑by‑step configuration fixes and best‑practice recommendations.

AuthenticationC3P0Druid

0 likes · 8 min read

Why MySQL “Public Key Retrieval is not allowed” Happens and How to Fix It

21CTO

Mar 9, 2021 · Backend Development

Mastering OAuth2 SSO with Spring Security and JWT: A Step‑by‑Step Guide

This tutorial walks through building a single sign‑on (SSO) system using OAuth2, Spring Security, and JWT, covering preparation, core concepts, Maven dependencies, configuration files, custom login pages, client setup, logout handling, project structure, and a full demonstration.

AuthenticationBackendJWT

0 likes · 25 min read

Mastering OAuth2 SSO with Spring Security and JWT: A Step‑by‑Step Guide

Laravel Tech Community

Mar 5, 2021 · Information Security

OpenSSH 8.5 Release Highlights and New Features

OpenSSH 8.5 introduces numerous security fixes, compatibility improvements, and new features such as default ED25519 signatures, updated post‑quantum key‑exchange methods, and enhanced logging and host‑key handling, while also addressing memory bugs and mitigating Solaris PAM vulnerabilities.

AuthenticationOpenSSHSSH

0 likes · 4 min read

OpenSSH 8.5 Release Highlights and New Features

Java Architect Essentials

Mar 3, 2021 · Information Security

Seven Open‑Source OAuth and SSO Projects for Developers

This article introduces seven open‑source OAuth/SSO solutions—including oauth2‑shiro, tkey, MaxKey, spring‑lhbauth, oauth2, oauthserver, and JustAuth—detailing their features, supported protocols, and repository links to help developers implement secure authentication and token management in web and mobile applications.

AuthenticationGolangOAuth

0 likes · 5 min read

Seven Open‑Source OAuth and SSO Projects for Developers

Top Architect

Feb 28, 2021 · Information Security

Comparison of JWT and OAuth2: Concepts, Implementation, and Use Cases

This article explains the fundamental differences between JSON Web Token (JWT) and OAuth2, describes their structures, security considerations, implementation details, and outlines appropriate scenarios for using each method to protect APIs.

AuthenticationAuthorizationJWT

0 likes · 10 min read

Comparison of JWT and OAuth2: Concepts, Implementation, and Use Cases

Programmer DD

Feb 23, 2021 · Backend Development

Master Spring Security OAuth2: How OAuth2AuthorizationCodeAuthenticationProvider Retrieves Tokens

This article explains the role of OAuth2AuthorizationCodeAuthenticationProvider in Spring Security, details how OAuth2AccessTokenResponseClient obtains access tokens, shows how to customize the token endpoint, and walks through the complete token‑retrieval flow with code examples and step‑by‑step analysis.

AuthenticationAuthorization Code GrantBackend Development

0 likes · 6 min read

Master Spring Security OAuth2: How OAuth2AuthorizationCodeAuthenticationProvider Retrieves Tokens

Python Crawling & Data Mining

Feb 5, 2021 · Backend Development

Build a Full‑Featured Django Website: Login, Registration, and More

This step‑by‑step tutorial shows how to create a Django website with user authentication features—including login, registration, logout, password change, password‑less login and reset—by configuring the project, defining models, forms, views, URLs, performing migrations, and running the server.

AuthenticationDjangoPython

0 likes · 5 min read

Build a Full‑Featured Django Website: Login, Registration, and More

php Courses

Feb 5, 2021 · Backend Development

Implementing Role-Based Access Control (RBAC) with the Auth Class in ThinkPHP

This guide explains how to set up an Auth class in ThinkPHP, create the necessary database tables for groups and rules, design admin and permission tables, configure user‑group relationships, handle login sessions, and integrate the Auth class into a common controller to enforce RBAC checks.

AuthenticationAuthorizationBackend

0 likes · 4 min read

Implementing Role-Based Access Control (RBAC) with the Auth Class in ThinkPHP

Code Ape Tech Column

Feb 2, 2021 · Information Security

JWT vs OAuth2: Which API Security Method Fits Your Needs?

This article explains the fundamental differences between JSON Web Tokens (JWT) and OAuth 2.0, outlines their structures, roles, and grant types, compares implementation effort and risk, and provides guidance on choosing the right approach for various API security scenarios.

API SecurityAuthenticationAuthorization

0 likes · 11 min read

JWT vs OAuth2: Which API Security Method Fits Your Needs?

Code Ape Tech Column

Jan 26, 2021 · Backend Development

Step‑by‑Step Guide to Building SSO with JWT and Spring Security

This tutorial explains the concept of Single Sign‑On, demonstrates a simple ticket‑based analogy, introduces JWT structure and RSA signing, and walks through a complete Spring Boot implementation—including project layout, Maven dependencies, configuration files, utility classes, custom authentication and verification filters, security configuration, and Postman testing—so readers can build a secure SSO service from scratch.

AuthenticationAuthorizationJWT

0 likes · 25 min read

Step‑by‑Step Guide to Building SSO with JWT and Spring Security

Selected Java Interview Questions

Jan 20, 2021 · Information Security

Introduction to Single Sign-On (SSO) and CAS: Concepts, Scenarios, and Implementation

This article explains the fundamentals of Single Sign-On (SSO) and the CAS framework, outlines suitable use cases, compares three implementation approaches, details key CAS components and ticket types, and walks through a step‑by‑step cross‑domain SSO deployment process.

AuthenticationCASSSO

0 likes · 7 min read

Introduction to Single Sign-On (SSO) and CAS: Concepts, Scenarios, and Implementation

21CTO

Jan 18, 2021 · Backend Development

Mastering Single Sign-On: Cookie, Auth Center, and LocalStorage Strategies

This article explains three practical Single Sign‑On implementations—parent‑domain cookies, a dedicated authentication center, and cross‑domain LocalStorage—detailing their mechanisms, advantages, limitations, and code examples for secure token sharing across multiple web applications.

AuthenticationCookieSSO

0 likes · 11 min read

Mastering Single Sign-On: Cookie, Auth Center, and LocalStorage Strategies

New Oriental Technology

Jan 18, 2021 · Information Security

Kafka Security Authentication and Authorization Configuration Guide (SASL/PLAIN and SASL/SCRAM)

This guide explains Kafka's authentication and authorization mechanisms, covering SASL/PLAIN and SASL/SCRAM setups, JAAS file creation, server property configuration, ACL management, and provides complete Java producer and consumer examples for secure communication.

ACLAuthenticationAuthorization

0 likes · 19 min read

Kafka Security Authentication and Authorization Configuration Guide (SASL/PLAIN and SASL/SCRAM)