I was wondering if Spring Boot SSO implementation is based on JWT or keeps the session open in the server memory?
Thanks in advance.
Asked
Active
Viewed 1,194 times
0
Rahul Kargwal
- 487
- 1
- 5
- 20
DavidSoles
- 57
- 1
- 1
- 8
-
If you're referring to OAuth2 SSO, it does not use JWT by default (although JWT can be switched on), but tokens based on GUID which have to be verified with auth server every time. The rest of your question is vague. – Vasan Feb 13 '18 at 18:28
1 Answers
1
The answer would depend on which Spring implementation you are referring to
I would discuss more on the latter i.e. OAuth and in that you have multiple options. You can use the in-memory token store to debug and test it out, but for production implementations, you can use different token stores. JWT and JDBC are pretty popular in my experience.
Rahul Kargwal
- 487
- 1
- 5
- 20