Authentication -security component, JAVA Programming

Authentication is basically an identification step.

Functionality used for J2EE security:

Principal: An entity that may be authenticated and identified.

Principal name: Identity of a principal like user id and password.

Credential: Information like certificate or password, which may authenticate a principal.

Subject: A set of rules and their credentials associated with a thread of execution.

Authentication: The steps by which a server verifies the identity represented by a user through certificate or username/userid and password. E.g: the password and username supplied by the user may be checked against a database server or an LDAP server to verify he is whom he claims to be.

Authentication methods:

Basic/Digest authentication: Browser password and specific is encoded using Base-64 encoding.Digest is same to basic but shielded the password through encryption. This is a simple challenge- respond scheme where the client is challenged for a password and user id. The Internet is broken into realms. 

Form-based authentication: Most Web applications give  the  form-based authentication since it allows applications to modifies the authentication interface. Uses base64 encoding, which may expose password and username unless all connections are over SSL.

Certificate based authentication: Uses SSL and PKI. This is by far the most secured authentication function. A user must give x.509 certificate to verify with the server.

 

Posted Date: 7/27/2012 6:00:54 AM | Location : United States







Related Discussions:- Authentication -security component, Assignment Help, Ask Question on Authentication -security component, Get Answer, Expert's Help, Authentication -security component Discussions

Write discussion on Authentication -security component
Your posts are moderated
Related Questions
A point-to-point model is based on the concept of a message queue: Senders send messages into the queue, and the receiver reads messages from this queue. In the point-to-point mode

What are the types of Dependency Injection Spring supports? Ans) there are two types of Dependency Injection Spring a)  Setter Injection: b)  Constructor Injection:

Develop a code for fibonacci series

how do I use constructors in java and how do I apply them

You have recently joined a games company. The SQA manager has given you the task of improving the code quality of simple games. This is a standard task which the SQA manager gives

What is the difference between an Interface and an Abstract class? An abstract class can have instance methods that execute a default behavior. An Interface can only declare co

Describe even higer dimensions in java? You don't have to stop along with two dimensional arrays. Java allows arrays of three, four or more dimensions. Therefore chances are pr

Explain the Order of Evaluation of Logic Operators ? When Java sees a && operator or a ||, the expression on the left side of the operator is evaluated first. For instance, con

What is an object's lock and which objects have locks? An object's lock is a mechanism that is used by multiple threads to get synchronized access to the object. A thread may i

Question: a) Authentication relies on standards and protocols that are used to confirm the identity of a user or object. Windows Server 2003 supports several types of network