Security Concepts
Authentication
Authentication is the process of identifying a subject and verifying the authenticity of the identification information.
The most common authentication mechanism is username/password. Other mechanisms are available: public key, shared key, smart cards, etc.
In the context of JEE declarative security, the result of a successful authentication is called a principal.
Related subjects: HTTP Authentication.
Authorization
Authorization is the mechanism for granting or denying access to a resource based on identity.
In JEE, this is usually implemented by matching a principal with a set of actions they are or are not allowed to perform. This mapping is referred as a role.
!!!Encryption
|[CryptographicAlgorithms#EncryptionAndDecryption]
!!!SSL/TLS
|[SSL/TLS|SSLTLS#Overview]
!!!SSO
|[Single Sign-On]
!!!LDAP
|[LDAP]
__Referenced by:__\\ [{INSERT com.ecyrd.jspwiki.plugin.ReferringPagesPlugin WHERE max=20, maxwidth=50}]