My problem is simple.
I have a service oriented architecture where one of the servers is an auth server.
Users authenticate over HTTPS with this server and then go to other servers with a token to get services.
My solution idea was this:
The auth server will generate two cookies, one with the actual data of the user (user GUID / session expiration date and privileges)
And another cookie with an encrypted token that includes the actual data (with some salt) encrypted with a private key.
Each server in the system will be able to make sure that the user is who it claims to be with the two cookies and the public key.
I need an example for such a code (or maybe a better solution if I missed anything)
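The two-cookie scheme described in the question, as an added example that is not part of the original post or of any project mentioned on the page. The "encrypt with the private key, check with the public key" operation the question describes is a digital signature, so the example uses Ed25519 from the Go standard library: the auth server signs the JSON-encoded claims (user GUID, expiry, privileges, plus a random nonce standing in for the "salt"), the data cookie carries the base64url claims and the signature cookie carries the base64url signature, and a service server holding only the public key verifies the signature over the exact bytes of the data cookie before trusting anything in it. Struct and function names, the cookie encoding and the demo GUID are my own assumptions, not anything the question specifies.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Claims is the "actual data" cookie from the question: user GUID, session
// expiry and privileges. Nonce is the per-token random "salt" so two tokens
// for the same user never have identical bytes (and so identical signatures).
type Claims struct {
	UserGUID   string   `json:"sub"`
	Expires    int64    `json:"exp"` // Unix seconds
	Privileges []string `json:"priv"`
	Nonce      string   `json:"nonce"`
}

// HasPrivilege reports whether the verified claims grant privilege p.
func (c *Claims) HasPrivilege(p string) bool {
	for _, v := range c.Privileges {
		if v == p {
			return true
		}
	}
	return false
}

// AuthServer is the only party holding the private key, so only it can mint tokens.
type AuthServer struct{ priv ed25519.PrivateKey }

// ServiceServer holds just the public key: it can verify tokens but not forge them.
type ServiceServer struct{ pub ed25519.PublicKey }

// NewServers generates a fresh key pair and hands the private half to the auth
// server and the public half to a service server (assumed distribution; in a
// real deployment the public key is provisioned to every service server).
func NewServers() (*AuthServer, *ServiceServer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &AuthServer{priv: priv}, &ServiceServer{pub: pub}, nil
}

// Issue mints the two cookie values: the base64url JSON claims and the
// base64url Ed25519 signature over those exact claim bytes.
func (a *AuthServer) Issue(userGUID string, privileges []string, ttl time.Duration, now time.Time) (dataCookie, sigCookie string, err error) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return "", "", err
	}
	c := Claims{
		UserGUID:   userGUID,
		Expires:    now.Add(ttl).Unix(),
		Privileges: privileges,
		Nonce:      base64.RawURLEncoding.EncodeToString(nonce),
	}
	payload, err := json.Marshal(c)
	if err != nil {
		return "", "", err
	}
	sig := ed25519.Sign(a.priv, payload)
	return base64.RawURLEncoding.EncodeToString(payload), base64.RawURLEncoding.EncodeToString(sig), nil
}

// Verify checks the signature over the raw data-cookie bytes first, then
// decodes the claims and enforces expiry. Nothing in the data cookie is trusted
// until the signature has passed, so a client editing its own privileges fails.
func (s *ServiceServer) Verify(dataCookie, sigCookie string, now time.Time) (*Claims, error) {
	payload, err := base64.RawURLEncoding.DecodeString(dataCookie)
	if err != nil {
		return nil, errors.New("malformed data cookie")
	}
	sig, err := base64.RawURLEncoding.DecodeString(sigCookie)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return nil, errors.New("malformed signature cookie")
	}
	if !ed25519.Verify(s.pub, payload, sig) {
		return nil, errors.New("signature does not match data cookie")
	}
	var c Claims
	if err := json.Unmarshal(payload, &c); err != nil {
		return nil, errors.New("malformed claims")
	}
	if now.Unix() >= c.Expires {
		return nil, errors.New("session expired")
	}
	return &c, nil
}

// TamperPrivileges simulates a client rewriting its own data cookie (what an
// attacker would try); the signature was made over the old bytes so Verify fails.
func TamperPrivileges(dataCookie string, newPriv []string) (string, error) {
	payload, err := base64.RawURLEncoding.DecodeString(dataCookie)
	if err != nil {
		return "", err
	}
	var c Claims
	if err := json.Unmarshal(payload, &c); err != nil {
		return "", err
	}
	c.Privileges = newPriv
	out, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(out), nil
}

func main() {
	auth, svc, err := NewServers()
	if err != nil {
		panic(err)
	}
	now := time.Now()
	// Constructed demo GUID; not a real user.
	data, sig, err := auth.Issue("3f2504e0-4f89-11d3-9a0c-0305e82c3301", []string{"read"}, time.Hour, now)
	if err != nil {
		panic(err)
	}
	c, err := svc.Verify(data, sig, now)
	fmt.Println("valid token:", err == nil, "admin?", c != nil && c.HasPrivilege("admin"))
	forged, _ := TamperPrivileges(data, []string{"read", "admin"})
	_, err = svc.Verify(forged, sig, now)
	fmt.Println("forged token rejected:", err != nil)
}
```

Two points worth keeping in mind with this design: the data cookie is readable by the user (it is their own session data, so that is normally fine, but put nothing secret in it), and because service servers never talk back to the auth server, a token stays valid until it expires; keep the TTL short or add a server-side revocation list if you need to log users out early.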
I don’t think you need to reinvent the wheel; you could simply use CAS for this single sign-on functionality.