Token Revocation — 3 Technical Articles

Apr 14, 2026 · Information Security

Why Interviewers Mock Storing Tokens in Redis—and How to Answer Correctly

The article explains JWT fundamentals, why pure stateless tokens cannot be revoked, compares blacklist and whitelist Redis strategies, discusses token renewal with double‑token design, and shows how to articulate the right answer in an interview.

BlacklistJWTRedis

0 likes · 13 min read

Why Interviewers Mock Storing Tokens in Redis—and How to Answer Correctly

Spring Full-Stack Practical Cases

Oct 31, 2025 · Backend Development

How to Implement JWT Blacklist in Spring Boot 3 with Caffeine & Redis

This article explains how to build a JWT blacklist in Spring Boot 3, covering token fingerprinting, storage options using Caffeine or Redis, request interception, configuration, and sample login/logout endpoints to revoke tokens before they expire.

BlacklistCaffeineJWT

0 likes · 12 min read

How to Implement JWT Blacklist in Spring Boot 3 with Caffeine & Redis

dbaplus Community

Dec 29, 2024 · Information Security

Why Many Developers Warn Against Using JWTs for Authentication

This article explains what JSON Web Tokens are, outlines their typical usage flow, and critically examines their drawbacks such as size overhead, redundant signatures, revocation challenges, stale data, lack of encryption, and broader security concerns.

AuthenticationJWTSession Management

0 likes · 6 min read

Why Many Developers Warn Against Using JWTs for Authentication