Differences between version 8 and predecessor to the previous major change of RobertButler/Authentication.
Other diffs: Previous Revision, Previous Author
Newer page: | version 8 | Last edited on Thursday, 13 March 2008 5:30:43 | by RobertButler | Revert |
Older page: | version 7 | Last edited on Thursday, 13 March 2008 5:29:37 | by RobertButler | Revert |
@@ -4,9 +4,9 @@
* Tokens expire
* If the token expires, session information gathered from the client is re-validated against the database
* If authentication succeeds, the life of the token is extended.
* If authentication encounters a problem, the user is prompted to re-present their authentication credentials.
- * The by-product of authentication gives the user a token, by which they
+ * The by-product of authentication gives the user a token, were their (cached) authorization infomation is stored.
* Tokens have an optional lifetime that is specified by the client and have a maximum lifetime specified by the container that created it.
* Authentication in one Domain may or may not facilitate authentication (methods) which may or may not provide authentication inside other domains
* Authentication information is not just limited to Login names and Passwords, however.
* Domains are a grouping of
version 8
HMAC Authentication
- Authentication System
Token-based
- Tokens expire
If the token expires, session information gathered from the client is re-validated against the database
- If authentication succeeds, the life of the token is extended.
- If authentication encounters a problem, the user is prompted to re-present their authentication credentials.
- The by-product of authentication gives the user a token, were their (cached) authorization infomation is stored.
- Tokens have an optional lifetime that is specified by the client and have a maximum lifetime specified by the container that created it.
- Authentication in one Domain may or may not facilitate authentication (methods) which may or may not provide authentication inside other domains
- Authentication information is not just limited to Login names and Passwords, however.
Domains are a grouping of
Authentication information, comprising of one or more
- User Accounts
- Passwords
- Application-specific Auth information
- User preferences
- User account settings