Note: You are viewing an old version of this page. View the current version.

Differences between version 7 and revision by previous author of RobertButler/Authentication.

Other diffs: Previous Major Revision, Previous Revision

Newer page: version 7 Last edited on Thursday, 13 March 2008 5:29:37 by RobertButler Revert
Older page: version 3 Last edited on Thursday, 28 February 2008 0:15:44 by CyberLeo Revert
@@ -1,14 +1,20 @@
 !!! [HMAC Authentication|RobertButler/Authentication] 
 Authentication System: 
  * Token-based 
- * Tokens can optionally live for an amount of time specified by the client, but have a maximum lifetime specified by the container which created it.  
-  
-Domains:  
- * Are a grouping of  
- * [Users and Passwords]  
- * [Preferences]  
- * And various other [HMI Configuration Settings]  
- * Authentication in one Domain may or may not enable authentication methods which may or may not provide authentication in other domains  
- 
+ * Tokens expire  
+ * If the token expires, session information gathered from the client is re-validated against the database  
+ * If authentication succeeds, the life of the token is extended.  
+ * If authentication encounters a problem, the user is prompted to re-present their authentication credentials.  
+ * The by-product of authentication gives the user a token, by which they  
+ * Tokens have an optional lifetime that is specified by the client and have a maximum lifetime specified by the container that created it.  
+ * Authentication in one Domain may or may not facilitate authentication ( methods) which may or may not provide authentication inside other domains  
+ * Authentication information is not just limited to Login names and Passwords, however.  
+ * Domains are a grouping of  
+ * Authentication information, comprising of one or more  
+ * User Accounts  
+ * Passwords  
+ * Application-specific Auth information  
+ * User preferences  
+ * User account settings  
  
 !!! [HMAC Authorization|RobertButler/Authorization] 

version 7

HMAC Authentication

Authentication System

  • Token-based

    • Tokens expire

    • If the token expires, session information gathered from the client is re-validated against the database

      • If authentication succeeds, the life of the token is extended.
      • If authentication encounters a problem, the user is prompted to re-present their authentication credentials.
  • The by-product of authentication gives the user a token, by which they
  • Tokens have an optional lifetime that is specified by the client and have a maximum lifetime specified by the container that created it.
  • Authentication in one Domain may or may not facilitate authentication (methods) which may or may not provide authentication inside other domains
  • Authentication information is not just limited to Login names and Passwords, however.

  • Domains are a grouping of

    • Authentication information, comprising of one or more

      • User Accounts
      • Passwords
      • Application-specific Auth information
    • User preferences
    • User account settings

HMAC Authorization