Hello,

I've been reading about Kafka and its use in a distributed system; authentication handling remains a mystery to me.
Indeed, when the user connects to the website, many services are triggered: how do they make sure the user is authenticated and authorized? I mainly see two options:

- each service asks an "authentication service": sounds simple but may trigger a lot of traffic, to the point it doesn't seem practical for the scale of systems Kafka aims for,
- each service listens for "authentication events": sounds more intriguing than the above but implies a lot of consumers and quite some requirements regarding freshness of the data.

In the end, these options don't sound right.

Another way I could come up with is a gateway between the client and the services: the gateway would ensure authentication and the like and only forward to the relevant services. This solution feels nice since it avoids plenty of round-trips or listening; it feels tricky to implement (what about scalability and single point of failure matters, for example?).

In the end I'm really wondering how to best tackle the issue: any advice, hint or info on how they do it at LinkedIn?

Thanks in advance,
best,
Joseph