Authentication, Identification, and Client Data

One important distinction that eludes some Web developers, especially those who are new to developing applications that require session management, is the one among user authentication, client identification, and client data. Keeping these concepts separate is essential to choosing the most appropriate session management mechanism for your Web applications.

The authentication of the user is the process by which you determine to a reasonable extent that the user is who he/she claims to be. This typically involves the user supplying a unique identifier, such as a username, and providing the answer to a challenge, such as a password. Authentication typically happens once. After ...
