Answer the question
In order to leave comments, you need to log in
Do I understand correctly how oauth2 works in cxf?
According to this documentation cxf.apache.org/docs/jax-rs-oauth2.html the user must first be authenticated, then get an access_token via the AccessTokenService.
Do I understand correctly that in the case of microservices, you need to write a service that will first authenticate, for example, with a servlet or Basic authentication, then the client climbs to the AccessTokenService address and receives an access_token and with this acess_token already addresses all other microservices that require access restrictions, which will be checked by the filter this access_token for correctness?
And the second question: what is grant_type=password for? It seems like the username and password are transmitted there. Does it replace a hosted servlet (or something similar) for authentication?
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question