FindPage
View Source:
RobertButler/Authentication
Note:
You are viewing an old version of this page.
View the current version.
!!! [HMAC Authentication|RobertButler/Authentication] Authentication System: * Token-based * Tokens expire * If the token expires, session information gathered from the client is re-validated against the database * If authentication succeeds, the life of the token is extended. * If authentication encounters a problem, the user is prompted to re-present their authentication credentials. * The by-product of authentication gives the user a token, were their (cached) authorization infomation is stored. * Tokens have an optional lifetime that is specified by the client and have a maximum lifetime specified by the container that created it. * Authentication in one Domain may or may not facilitate authentication (methods) which may or may not provide authentication inside other domains * Authentication information is not just limited to Login names and Passwords, however. * Domains are a grouping of * Authentication credentials, comprising of one or more * User Accounts * Passwords * Application-specific authentication methods * User preferences * User account settings !!! [HMAC Authorization|RobertButler/Authorization]