2.2. Security fundamentals

This section discusses two fundamental security services that WebSphere Application Server also supports:

  • Authentication

  • Authorization

2.2.1. Authentication

Authentication is the process of establishing whether a client is valid in a particular context. A client can be an end user, a machine, or an application.

Definition

A realm is a collection of users that are controlled by the same authentication policy.

The authentication process involves gathering some unique information from the client.

There are three major groups of secure authentication used to gather this unique information:

  • Knowledge-based - user name and password, for example.

  • Key-based - physical keys, encryption keys, key cards.

  • Biometric - finger ...
