Pages: 1

#1 2017-12-21 09:27:42

keinn
Member
Registered: 2014-10-20
Posts: 100

Multi TSQLRestServer Auth question

if you have more than one TSQLRestServers added to TSQLHttpServer,
then the client has to Auth multiple times?
-say we build a SOA based system . each TSQLRestServer serv some services,
eg restserverA do the inventory service , RestserverB do the finance service etc,
and they all added to the same TSQLHttpServer.

i know we could do all those  in a single TSQLRestServer by implement different interface groups,
but we want the system deployed as DEcoupled as possible, so at the begining ,
we need to implement them in diffrent restservers attached to single TSQLHttpServer.
then we have the auth problem.

Offline

#2 2017-12-21 09:44:01

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,242
Website

Re: Multi TSQLRestServer Auth question

Each TSQLRestServer has its own sessions, so expects its own authentication.

For complex SOA systems (e.g. with microservices), the idea is to use a composition service as front-end.
The client don't connect to the microservices directly, but to a composition/orchestrator API gateway, with a single session and auth.
See e.g. my slides https://synopse.info/files/ekon21/EKON2 … etsSOA.pdf

Your idea to have different servers attached is in fact making more coupling, not less.
Today SOA best practices favor the use of an API gateway.

If you really want to access several microservices, define your own authentication class, using e.g. a shared JWT instead of the default authentication mechanism.
You may use TSQLRestServer.JWTForUnauthenticatedRequest property for that.
But then you will have no session, just a stateless approach (which fits what most Microservices offer).

Offline

Pages: 1

Board footer

Powered by FluxBB