Hacker News new | past | comments | ask | show | jobs | submit login

One alternative to centralized role servers is to use client certificates. I've used x509 certs for this purpose. They are pretty hairy, but so is rolling your own authentication/authorization/token system.



Another alternative is JSON Web Tokens. Many of the benefits of Client Certificates while avoiding many of the hardships.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: