2.2. Security fundamentals
This section will discuss two fundamental security services also supported by WebSphere Application Server:
Authentication
Authorization
2.2.1. Authentication
Authentication is the process of establishing whether a client is valid in a particular context. A client can be either an end user, a machine or an application.
Definition
A realm is a collection of users that are controlled by the same authentication policy.
The authentication process involves gathering some unique information from the client.
There are three major groups of secure authentication used to gather this unique information:
Knowledge-based - user name and password, for example.
Key-based - physical keys, encryption keys, key cards.
Biometric - finger ...
Get IBM WebSphere V5.0 Security: WebSphere Handbook Series now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.