Session is dead - Long live JWT

Track

Web and Mobile

Date and time

Thursday, 11. May 2017., 15:00

Room

Hall A

Duration

45'

In Software Development things are continuously changing. Requirements change, technologies change, methodologies change. Solutions that were completely fine just a moment ago can prove to be a source of great pain now. And one of those solutions that worked perfectly just last week, but isn't that perfect now, is Session.

We all know that HTTP is a Stateless protocol, so we (as smart as we are) figured out a way to bypass this limitation by introducing Session cookies. But in recent years we discovered that hacking protocols (HTTP) has its price. We found out we have a problem with Session hijacking. We also have a problem with Session replication in clusters. And with the rise of single-page Apps and BaaS (Backend as a Service) we found out we have yet another problem on our hands. So the smart IT community decided it's time to take a different approach in solving this issue. Enter JWT (JSON Web Token) - a Stateless solution to a Stateful problem. The JavaScript community is already using JWT quite extensively, and now it's time for us to do the same (we don't want to be worse than them, do we?).

In this lecture we'll take a look at what JWT actually is and how we can use it in our projects. We'll also talk about when JWT is a good fit for us and when it is not. And finally we'll try to summarize what problems JWT solves (and what problems it creates).

Lecture details

Type: Lecture
Level of difficulty: General
Experience Level: No experience
Desirable listeners function: Developer, System Architect, Project leader

About speaker