security - Separate authentication server for users and APIs -


i'm working on cloud service authentication system , i'm not entirely sure optimal way handle authenticating requests is. we're planning run our image server separate process our api server can scale them independently of each other. handling request authentication api keys simple, because can have image server store own api key , check requests provide in header (over https obviously), same api server. users though gets more complex.

right have setup api server handle generating session token , storing users in database, we'd use 3 servers:

  • authentication server
  • api server
  • image server

and have image , api servers authenticate requests against authentication server. how should done though? seems bad idea performance-wise hit authentication server every request api , image servers make. can/should token verified different server created on?

so example: can/should pass token received authentication server image server, verify token came "my.auth.server" , check user id right one? jwts type of token this?


-

Comments

Post a Comment

Popular posts from this blog

java - Jasper subreport showing only one entry from the JSON data source when embedded in the Title band -

Image
i having issues populating data in subreport in title band of main report. data populated correctly in subreport in detail band of main report. trying find wrong in json query. appreciated. json sample data source (expenses.json) { "expenses": { "date": "8 sep 2016", "accounts": [ { "title": "xyz corp (111)", "accountname": "xyz corp", "accountnumber": "111", "transactions": [ { "date": "21 jun 2016", "name": "gas", "price": "17.50" }, { "date": "12 may 2016", "name": "shopping", "price": "111.99" }, { "date": "30 apr 2016", "name"
Read more

mapreduce - Resource manager does not transit to active state from standby -

one spark job running more 23 days , caused resource manager crash. after restarting resource manager istance (there 2 of them in our cluster) both of them stayed in standby state. and getting error: error org.apache.hadoop.yarn.server.resourcemanager.resourcemanager failed load/recover state org.apache.hadoop.yarn.exceptions.yarnexception: application id application_1470300000724_40101 present! cannot add duplicate! we not kill 'application_1470300000724_40101' yarn resource manager not working. killed instances unix level on nodes dint work. have tried rebooting nodes , still same. somewhere 1 entry of job still there , preventing resource manager elected active. using cloudera 5.3.0 , can see issue has been addressed , resolved in cloudera 5.3.3. @ moment need workaround past now. to resolve issue can format rmstatestore executing below command: yarn resourcemanager -format-state-store but careful clear application history executed befor
Read more

serialization - Convert Any type in scala to Array[Byte] and back -

i have following question: i have variable value in program declared value. i want convert value byte array.. how can serialize byte array , back? found examples related other types such double or int, not any. this should need. it's pretty similar how 1 in java. import java.io.{bytearrayinputstream, bytearrayoutputstream, objectinputstream, objectoutputstream} object serialization extends app { def serialise(value: any): array[byte] = { val stream: bytearrayoutputstream = new bytearrayoutputstream() val oos = new objectoutputstream(stream) oos.writeobject(value) oos.close stream.tobytearray } def deserialise(bytes: array[byte]): = { val ois = new objectinputstream(new bytearrayinputstream(bytes)) val value = ois.readobject ois.close value } println(deserialise(serialise("my test"))) println(deserialise(serialise(list(1)))) println(deserialise(serialise(map(1 -> 2)))) println(deserialise(seri
Read more