Java Magazine, Nov/Dec 2017
ORACLE COM JAVAMAGAZINE NOVEMBER DECEMBER 2017 65 java ee MicroProfile Security Security in a microservices based architecture mostly resembles RESTful service security methodologies RESTful services are usually stateless therefore the security context will be re created on every request with the provided token from the client The MicroProfile Security specification follows this token based approach by employing JSON Web Tokens JWTs for handling authentication and role based authorization An example of the JWT token format is shown in Listing 15 Listing 15 iss https server example com sub 24400320 preferred_ username jdoe aud s6BhdRkqt3 nonce n 0S6_ WzA2Mj exp 1311281970 iat 1311280970 auth_ time 1311280969 realm_ access roles role in realm user manager resource_ access my service roles role in my service The industry is shifting its course from monolithic architectures to more microservices based models and new specifications in the Java EE ecosystem are now on the horizon to meet those needs
You must have JavaScript enabled to view digital editions.