Comparison of JWT and OAuth 2.0 for authorisation and authentication in REST services
Vid Visočnik, 2018, master's thesis

Abstract: The thesis addresses the area of using token authentication and authorisation for software products that, for synchronization and communication purposes, take advantage of underlying REST services. Given that a REST service focuses on the use of HTTP protocols, and that REST in its own principle requires being stateless, developers need to address issues regarding user identification, authentication, and authorisation in a stateless manner. In the thesis, we will also show the proper use of security protocols that are part of the HTTP specification, and how to transmit and encrypt sensitive data properly between two endpoints. We will do so by implementing a server and client and, furthermore, present the communication flow needed for ensuring a strong security policy that prevents system vulnerabilities and security flaws by implementing a REST service that is stateless and, for the purpose of user identification, uses two of the most common token authentication implementations, OAuth 2.0 and JWT. Furthermore, we will compare the basic principles and concepts of the two user identification frameworks and analyse the benefits of both structurally and what to use in which given situation.
Keywords: REST services, OAuth 2.0, JWT, token authentication, communication security, authorisation, authentication
Published in DKUM: 17.07.2018; Views: 1085; Downloads: 257
.pdf Full text (3,43 MB)
