Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
homakov
9y ago
0 comments
Save
Share
But apigee becomes a man in the middle, which is very bad for your security.
0 comments
2 comments · 1 top-level
top
newest
oldest
fixermark
9y ago
· 1 in thread
I imagine it's a tradeoff. It's worse for your security if you try to roll your own auth/auth solution and botch it.
homakov
OP
9y ago
Auth is a routine job, only a really silly developer manages to make simple token auth vulnerable. There's no a "tradeoff" in leaving auth to MitM because it's "hard", oh also there's bunch of libraries out there doing it for you on your servers.
j
/
k
navigate · click thread line to collapse
