Differences between version 9 and previous revision of RobertButler/Authentication.

Newer page: version 9 Last edited on Thursday, 13 March 2008 5:32:45 by RobertButler
Older page: version 8 Last edited on Thursday, 13 March 2008 5:30:43 by RobertButler
@@ -9,12 +9,12 @@
  * Tokens have an optional lifetime that is specified by the client and have a maximum lifetime specified by the container that created it. 
  * Authentication in one Domain may or may not facilitate authentication (methods) which may or may not provide authentication inside other domains 
  * Authentication information is not just limited to Login names and Passwords, however. 
  * Domains are a grouping of 
- * Authentication information , comprising of one or more 
+ * Authentication credentials , comprising of one or more 
  * User Accounts 
  * Passwords 
- * Application-specific Auth information  
+ * Application-specific authentication methods  
  * User preferences 
  * User account settings 
  
 !!! [HMAC Authorization|RobertButler/Authorization] 
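Review bot: The renamed bullet "Authentication credentials , comprising of one or more" now disagrees with the unchanged line two above it, which still reads "Authentication information is not just limited to Login names and Passwords"; pick one term and use it in both places. In the same group, "Application-specific authentication methods" is listed next to "User Accounts" and "Passwords" as a component of credentials, but a method is how a credential is checked rather than a credential itself, so consider making it its own bullet under Domains. Small wording points on the changed line: "comprising of" should be "comprising" or "consisting of", and the space before the comma can be dropped.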

version 9

HMAC Authentication

Authentication System
  • Token-based
    • Tokens expire
    • If the token expires, session information gathered from the client is re-validated against the database
      • If authentication succeeds, the life of the token is extended.
      • If authentication encounters a problem, the user is prompted to re-present their authentication credentials.
  • As a by-product of authentication, the user receives a token, where their (cached) authorization information is stored.
  • Tokens have an optional lifetime that is specified by the client and a maximum lifetime that is specified by the container that created them.
  • Authentication in one Domain may or may not enable authentication methods, which in turn may or may not provide authentication inside other Domains.
  • Authentication information is not limited to login names and passwords, however.
  • Domains are a grouping of
    • Authentication credentials, comprising one or more
      • User Accounts
      • Passwords
      • Application-specific authentication methods
    • User preferences
    • User account settings
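
The token lifecycle listed above (client-requested lifetime capped by the container, re-validation on expiry, extension or re-prompt), as an added example that is not part of the original page or the project's code. It assumes tokens are integrity-protected with HMAC-SHA256 and use a `user|expires|signature` layout, neither of which the page specifies; `CONTAINER_KEY`, `CONTAINER_MAX_LIFETIME`, `issue_token`, `check_token` and the `revalidate` callback are hypothetical names.

```python
import hashlib
import hmac
import time

CONTAINER_KEY = b"constructed-demo-key"  # constructed sample secret, not a real key
CONTAINER_MAX_LIFETIME = 3600            # assumed container maximum, in seconds


def _sign(user, expires):
    """HMAC over the token fields so a client cannot alter the expiry."""
    msg = f"{user}|{expires}".encode()
    return hmac.new(CONTAINER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(user, requested_lifetime=None, now=None):
    """Issue a token; the client's optional lifetime is clamped to the container maximum."""
    now = time.time() if now is None else now
    lifetime = CONTAINER_MAX_LIFETIME if requested_lifetime is None else requested_lifetime
    lifetime = max(0, min(lifetime, CONTAINER_MAX_LIFETIME))
    expires = int(now + lifetime)
    return f"{user}|{expires}|{_sign(user, expires)}"


def check_token(token, revalidate, now=None):
    """Return (status, token); status is valid, extended, reauthenticate or rejected."""
    now = time.time() if now is None else now
    try:
        user, expires_s, sig = token.rsplit("|", 2)
        expires = int(expires_s)
    except ValueError:
        return "rejected", None
    # Constant-time comparison; a tampered user or expiry fails here.
    if not hmac.compare_digest(sig.encode(), _sign(user, expires).encode()):
        return "rejected", None
    if now < expires:
        return "valid", token
    # Expired: re-validate the session against the database (hypothetical callback).
    if revalidate(user):
        # Assumption: an extension grants a fresh token with the container maximum.
        return "extended", issue_token(user, now=now)
    # Re-validation failed: the caller prompts the user for credentials again.
    return "reauthenticate", None
```
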

HMAC Authorization