From the course: Java EE 8: Web Services

Security using the JWT API

- [Instructor] Sometimes, as an API consumer, using the username and password to authenticate can be a drag, you know? On the client side, every request will need to contain the username and password, so every request is an opportunity for a malicious entity to grab those details and gain permanent access to the RESTful resource. On the server side, it can be even more of a drag: the REST service will need to perform an authentication lookup for every request when presented with the username and password pair. That means you're going to be going to a database or other data source, and wasting time looking up credentials. Well, what about HTTP sessions? Well, yeah. You could track individual clients with their respective HTTP sessions, but that means you will just have to deal with session replication in a clustered or cloud environment. The traditional authentication mechanisms impose real limitations on scalability for…
