Posts

Showing posts from June, 2015

Spring Security with Custom REST Token and Dynamic Role Management

What is Stateless Authentication

When working on web applications in Java, we usually keep authentication information or the user's identity inside the session scope, which is unique to the user. This works well if you have a single server.

Fully functional code is available at the repository below: https://github.com/trvajjala/spring-rest-template.git

When load on the server increases, we scale out (also called horizontal scaling), meaning we add multiple servers running the same application to serve the requests. In front of these we introduce a load balancer. The load balancer uses a round-robin or similar algorithm and diverts users to different servers depending on the load.

Here comes the issue. If the user authenticated on one system and the load on that system increases, the load balancer sends the request to another server, which fails authentication and asks for credentials again, which is a bad user experience. :(

Ah! We have a solution here too. We have c