Enhance authentication - Githubissues

sczyh30 / vertx-blueprint-microservice

Vert.x Blueprint Project - Micro-Shop microservice application

Apache License 2.0

774 stars 302 forks source link

Enhance authentication #5

Open sczyh30 opened 8 years ago

sczyh30 commented 8 years ago

Current authentication implementation in the API Gateway is not very concise, and only supports Keycloak via Vert.x OAuth 2. So it's necessary to enhance the implementation of authentication. Maybe an individual authentication component is needed.

a-marcel commented 7 years ago

Hi,

if you change the auth maybe you can consider that it could be possible that a microservice is reachable without the API Gateway.

For decoupling the services and prevent problems with the api gateway (single point of failure), it could be possible that the clients goes directly to some microservices with the same token/session id.

From my point of view the usage of vertx JWT is a good idea too.

Thanks Marcel

Romeh commented 7 years ago

yes JWT would be a better choice if you go with clean clean micro services design for service to service API trust