Filter in a project that consists of several projects and that are executed in different ports (Spring Boot)

Question

Filter in a project that consists of several projects and that are executed in different ports (Spring Boot)

Asked 7 years, 3 months ago

Viewed 64 times

0

I wonder if there is how (and how I can) develop an application that consists of several other applications and to access these other parts of the application I need to have logged in.

I believe that this concept is connected to Microservices or am I mistaken? It is possible to develop this developer that will check the logins in the projects that run on these ports?

Yes it has how to do, the most primitive form is with an Httpclint, but there are implementations that abstract a little this.

– Marcondes

2017/07/01 at 10:36
Can you comment a little more? or send a link reference?

– Edward Segnowd

2017/07/02 at 00:56
Welcome to [en.so]! Just to conceptualize things, what you’re describing is called microservices, several small cooperating services, with single-Sign-on (or SSO) - a login goes for all applications. Unfortunately I don’t have time to elaborate a complete response on the subject, but a start would be to have an application responsible for the login that generates a token for the customer that is then validated when the request goes to other services.

– utluiz

2017/07/03 at 00:49

1 answer

Browser other questions tagged java spring spring-boot microservices

You are not signed in. Login or sign up in order to post.

by utluiz • **72,075** points · Answer 1 · 2017-07-03T00:57:19+00:00

Splitting an application into smaller ones is part of the concept of Microservices, but that’s not all. There are several definitions, but one important is that each microservice should reflect a relevant aspect of the system.

Communication between services is usually done using HTTP and some higher-level protocol. It may be a ad hoc with REST and even JSON or something more elaborate like Google Protobuf.

When it comes to authentication, you can study theAuth and look for some implementation of Single Sign-On (SSO). There are several ways to implement this and there are some frameworks ready (I remember the Josso, but it’s been a while, there must be something better today).

The basic functioning is more or less like this:

Users authenticate to the SSO server and return a token to the client/user/browser.
With each request for another service, the customer includes the token.
Other services validate with the SSO server if the token is actually valid.

But, remembering, all this can be abstracted. There are even some services available on the internet that can be used if you want more productivity to focus on the business and not waste time creating your own solution, such as Auth0.

A common technique in Microservices is to create an "Façade" service containing the entire external API of your application. She may be responsible for authenticating and authorizing each request. So you don’t need to expose each service on the internet at different ports and the implementation of Microservices becomes transparent to customers.