How to Solve Real-Time Auth Without Having to Sacrifice Performance
Description
This story was originally published on HackerNoon at: https://hackernoon.com/how-to-solve-real-time-auth-without-having-to-sacrifice-performance.
I will walk you through, step-by-step, how to build a fully functional, high-performance WebSocket server in Symfony that is secured by Keycloak.
Check more stories related to programming at: https://hackernoon.com/c/programming.
You can also check exclusive content about #symfony, #keycloak, #websocket, #jwt, #security, #php, #websockets, #jwt-authentication, and more.
This story was written by: @mattleads. Learn more about this writer by checking @mattleads's about page,
and for more stories, please visit hackernoon.com.
In today’s enterprise world, authentication is almost always delegated to a central, external server: an SSO provider like Keycloak. The obvious answer, token introspection, is a performance-bottleneck nightmare. We will not be making any blocking API calls. Instead, we will perform local, cryptographic validation of KeyCloak’S JWTs using their public JSON Web Key Set.
![Clean Code: Interfaces in Go - Why Small Is Beautiful [Part 3]](https://img.transistor.fm/L1TIkcfWlXcdwN4H5_yxz3C_T_bYWcn1ZDA_mLJ4xkY/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9hY2E4/NGViYmNkNWZkNDIw/NWZkMmM5NjQ0ZWNm/ZjgwOC5wbmc.jpg "Clean Code: Interfaces in Go - Why Small Is Beautiful [Part 3]")
United States
