Authentication and Authorization of End User in Microservice Architecture
暂无分享,去创建一个
As the market and business continues to expand; the traditional single monolithic architecture is facing more and more challenges. The development of cloud computing and container technology promote microservice architecture became more popular. While the low coupling, fine granularity, scalability, flexibility and independence of the microservice architecture bring convenience, the inherent complexity of the distributed system make the security of microservice architecture important and difficult. This paper aims to study the authentication and authorization of the end user under the microservice architecture. By comparing with the traditional measures and researching on existing technology, this paper put forward a set of authentication and authorization strategies suitable for microservice architecture, such as distributed session, SSO solutions, client-side JSON web token and JWT + API Gateway, and summarize the advantages and disadvantages of each method.
[1] Igor Sfiligoi,et al. Flexible session management in a distributed environment , 2010, ArXiv.
[2] Dmitry Namiot,et al. On micro-services architecture , 2014 .
[3] Dmitry Namiot,et al. Micro-service Architecture for Emerging Telecom Applications , 2014 .
[4] Xin Hua Li. The Design of Digital Campus Unified Identity Authentication System Based on Web Services , 2013 .