Modern Large Applications
Security Assertion Markup Language (SAML)
https://developers.onelogin.com/saml
SAML Tutorial: How SAML Authentication Works - SAML 2.0 SSO Flow Diagram
Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their sessions in another context. This single sign-on (SSO) login standard has significant advantages over logging in using a username/password:
-
No need to type in credentials
-
No need to remember and renew passwords
-
No weak passwords
Most organizations already know the identity of users because they are logged in to their Active Directory domain or intranet. It makes sense to use this information to log users in to other applications, such as web-based applications, and one of the more elegant ways of doing this is by using SAML.
SAML is very powerful and flexible, but the specification can be quite a handful. OneLogin’s open-source SAML toolkits can help you integrate SAML in hours, instead of months. We’ve come up with a simple setup that will work for most applications.
5 Steps to Add Modern Authentication to Legacy Apps Using JWTs
https://auth0.com/blog/5-steps-to-add-modern-authentication-to-legacy-apps-using-jwts/
REST vs. SOAP
https://auth0.com/learn/rest-vs-soap/
- traditional cookie-based authentication
- traditional session-based authentication
- token-based authentication
- save the JWT as a Cookie
Questions:
- use jQuery to make the AJAX calls
- how to protect your RESTful API with JWT
1) Traditional Web Applications
What's different between Sessions & Cookies?
2) Modern Web Applications
How to use cookies to handle JWTs?
