November 2017
Intermediate to advanced
420 pages
10h 29m
English
Because HTTP is a stateless protocol, relying on HTTP authentication alone means that the client has to be authenticated with its credentials for every request. For stateful applications, this becomes an issue, as the user would be prompted to log in for every action they perform. For example, once a user logs in to a shopping cart application, they should be able to go on selecting items and checking out, without logging in again, until they are done with the shopping. To handle such scenarios, the legacy solution was to implement session-based authentication, which uses server sessions to maintain the authenticated state of a client.
In session-based authentication, after the authentication of the user, a session ID is created by the server ...
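The session flow introduced above, sketched as an added example that is not code from the book: credentials are checked once at login, and later requests are authenticated by the session ID alone. The `SessionAuth` class, the `SESSIONID` cookie name, the in-memory store, the 15-minute idle timeout and the PBKDF2 parameters are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

SESSION_TTL = 900  # assumed idle timeout, in seconds

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _sid(cookie_header):
    # Pull the SESSIONID value out of a "Cookie:" header string.
    for part in (cookie_header or "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "SESSIONID":
            return value
    return None

class SessionAuth:
    def __init__(self, clock=time.time):
        self._users = {}     # username -> (salt, password hash)
        self._sessions = {}  # session ID -> (username, last-seen time)
        self._clock = clock

    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, _hash(password, salt))

    def login(self, username, password):
        # Credentials are checked once; the client gets a session cookie back.
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        if not hmac.compare_digest(_hash(password, salt), stored):
            return None
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[sid] = (username, self._clock())
        return f"SESSIONID={sid}; HttpOnly; Secure; SameSite=Lax; Path=/"

    def authenticate(self, cookie_header):
        # Later requests carry only the session ID, never the password.
        sid = _sid(cookie_header)
        username, last_seen = self._sessions.get(sid, (None, 0))
        if username is None:
            return None
        if self._clock() - last_seen > SESSION_TTL:
            del self._sessions[sid]  # idle too long: require a new login
            return None
        self._sessions[sid] = (username, self._clock())  # sliding expiry
        return username

    def logout(self, cookie_header):
        # Server-side invalidation: the ID is useless after this.
        self._sessions.pop(_sid(cookie_header), None)
```

Because the session ID stands in for the credentials until it expires or is invalidated, it needs the same protection in transit and in storage as the password it replaces.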