How to Solve Real-Time Auth Without Having to Sacrifice Performance

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/60/df/2b/60df2bb8-2147-b9e8-913b-86d510b61e86/mza_17412288464533967037.jpg/600x600bb.jpg

Programming Tech Brief By HackerNoon

HackerNoon

450 episodes

1 day ago

Learn the latest programming updates in the tech world.

All content for Programming Tech Brief By HackerNoon is the property of HackerNoon and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Learn the latest programming updates in the tech world.

Technology

Education,

Language Learning

https://img.transistor.fm/VoFm7fuIRSe0bVuCLXCGOKHq9w37MEu2fHIxcnKrtn0/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS83OWU3/N2M5Y2ViY2Q5Y2Yy/MDcwNzVjMjk1NzUy/MWIwNy5qcGVn.jpg

How to Solve Real-Time Auth Without Having to Sacrifice Performance

Programming Tech Brief By HackerNoon

13 minutes

1 week ago

How to Solve Real-Time Auth Without Having to Sacrifice Performance

This story was originally published on HackerNoon at: https://hackernoon.com/how-to-solve-real-time-auth-without-having-to-sacrifice-performance.
I will walk you through, step-by-step, how to build a fully functional, high-performance WebSocket server in Symfony that is secured by Keycloak.
Check more stories related to programming at: https://hackernoon.com/c/programming. You can also check exclusive content about #symfony, #keycloak, #websocket, #jwt, #security, #php, #websockets, #jwt-authentication, and more.

This story was written by: @mattleads. Learn more about this writer by checking @mattleads's about page, and for more stories, please visit hackernoon.com.

In today’s enterprise world, authentication is almost always delegated to a central, external server: an SSO provider like Keycloak. The obvious answer, token introspection, is a performance-bottleneck nightmare. We will not be making any blocking API calls. Instead, we will perform local, cryptographic validation of KeyCloak’S JWTs using their public JSON Web Key Set.