jbspeakr.cc

Clean Code. Web. Security.

JSON Web Tokens or just JWTs (pron. [ˈdʒɒts]) are the new fancy kids around the block when it comes to transporting proofs of identity within an untrusted environment like the web. In this article, I will describe the true purpose of JWTs. I will compare classical, stateful authentication with modern,...

Often supporting open source software is just fixing one tiny thing you stumbled upon. However, getting ready and diving into even the smallest piece of source code can lead to surprising results. I fixed a small HTTP header extractor for the Spring Security OAuth project recently. Here’s what happened.

Finally, I managed to come up with a name for my regular reading tips series, which will feature both the latest info around recent events & incidents (especially when it comes to identity and security topics) as well as long-running articles I strongly advise you to read… it’s simply called Readme....

JSON Web Tokens (JWTs) are the new and fancy de facto standard on the web. JWTs are the tool of choice when it comes to authentication in a stateless environment. That has two direct implications: