2 views collected around this technical thread.
This article explains how JWT provides stateless authentication while Session adds an extra security layer and lifecycle management, and demonstrates their combined use with Java code to achieve both scalability and fine‑grained control over user sessions.
This article explains core microservice design principles—including the AKF scalability cube with its Y (functional), X (horizontal scaling), and Z (data partition) axes, front‑end/back‑end separation, stateless service architecture, and RESTful communication—providing practical guidance for building scalable, maintainable systems.
This article explains microservice architecture fundamentals, covering the AKF scalability cube split principle, front‑end/back‑end separation, stateless service design, and RESTful communication, illustrating Y, X, Z axes for functionality, horizontal scaling, and data partitioning with diagrams and practical examples.
JSON Web Token (JWT) is a compact, self‑contained, stateless token that encodes header, payload, and signature in Base64URL, enabling secure, signature‑verified authentication without server‑side session storage, simplifying scaling, supporting cross‑domain use, while offering advantages like lightweight extensibility and drawbacks such as revocation difficulty and secret‑key reliance.
The article explains why Spring StateMachine is heavyweight and thread‑unsafe for high‑concurrency order management, introduces the open‑source COLA stateless state machine as a simpler, lock‑free solution, and provides detailed design principles, core concepts, and extensive Java code examples.
This article critically examines the common misconceptions about JWT advantages, explains the security and practical drawbacks of using JWT for session management, and outlines the scenarios where JWT is appropriate, such as short‑lived, one‑time authorization tokens.
This article traces the evolution from simple web page browsing to modern token‑based authentication, explaining the scalability and security problems of server‑side sessions and showing how signed, stateless tokens using HMAC‑SHA256 eliminate those issues while supporting horizontal scaling and cross‑platform access.
This article explains the concept of transient clusters and the Stateless architecture in Volcano Engine's EMR platform, compares Stateless with traditional Stateful approaches, outlines its evolution, core components, elastic scaling features, and the business value of cost‑effective, on‑demand big‑data processing.
This article explains why HTTP is a stateless protocol, introduces authentication and authorization concepts, and compares cookies, sessions, and token-based mechanisms such as JWT, detailing their characteristics, workflows, and security considerations for modern web applications.
This article critiques the over‑idealization of object‑oriented programming, explaining how inheritance can create tight coupling and hidden bugs, why encapsulation may leak state, the limits of polymorphism, and how modern stateless service architectures favor composition and functional approaches.
This article presents a comprehensive set of practical microservice design guidelines—including stateless services, front‑back separation, domain‑driven business abstraction, use‑case and entity convergence, high cohesion, low coupling, vertical and horizontal slicing, and team self‑organization—to help architects build scalable, maintainable backend systems.
This article explains why HTTP is a stateless protocol and how authentication and authorization are achieved using cookies, sessions, and token-based mechanisms such as JWT, detailing their characteristics, workflows, and security considerations for modern web applications.
This article uses ten vivid real‑life analogies to clarify essential interview topics such as HTTP statelessness, serialization, rate limiting, TCP handshakes, thread‑pool mechanics, flow‑control windows, BIO/NIO/AIO differences, deadlocks, and the select versus epoll model, helping readers grasp complex computing concepts through familiar scenarios.
The article outlines practical principles for building scalable, stateless backend architectures—choosing the right tools, using multiple servers, applying caching and rate limiting, delegating responsibilities to databases, handling large data volumes, and presenting example configurations from small to massive deployments.
The article explains that migrating legacy monolithic systems to the cloud is far from a simple lift‑and‑shift, highlighting the pitfalls of inflexible on‑premise infrastructure, the importance of horizontal scaling, stateless application design, micro‑service decomposition, and asynchronous communication to fully leverage cloud elasticity and cost efficiency.
This article explores what “state” means in the HTTP protocol, clarifies the concepts of statelessness and connection‑lessness, demonstrates their impact through a simulated shopping‑cart scenario, and explains how cookies and sessions introduce state to enable practical web interactions.
This article traces the evolution from early stateless web browsing to modern token‑based authentication, explaining how session management challenges led to centralized stores, their drawbacks, and how signed tokens using HMAC‑SHA256 provide a scalable, secure, and truly stateless alternative.
The article traces the history of web session handling from simple stateless requests through the challenges of scaling session IDs, explains why token‑based authentication (e.g., JWT) offers a stateless, scalable, and more secure alternative, and outlines its core principles and advantages.
This article explains how to build a high‑availability service layer for large‑scale web systems by vertically splitting business domains, adopting stateless design, configuring timeouts, using asynchronous messaging, ensuring idempotent operations, and applying service degradation techniques to maintain stability during traffic spikes.
The article traces the history of web session handling, explains the scalability and security challenges of server‑side sessions, and introduces stateless token‑based authentication using signed HMAC‑SHA256 tokens as a modern solution for scalable, secure web applications.