Cross-domain security access API
oauth2 is a user authorization criteria, jwt standard token is to convey a message of, shiro an authorization framework
1、JWT
JSON Web Token (JWT) is an open standard (RFC 7519), which defines a compact, self-contained manner, for as JSON object securely transfer information between the parties. This information can be verified and trusted, since it was digitally signed.
Encryption, decryption, and other development kits, please refer to the examiner net: https://jwt.io/
"Isolated front and rear ends of JWT User Authentication"
2、OAuth2
OAuth2 is an authentication framework, JWT is an authentication protocol
Either way, make sure to use HTTPS to ensure the security of data
OAuth2 used in the case of using a third-party account login (such as using weibo, qq, github log in to a app) , while the rear end is separated JWT, simply to use the API protective front of the background.