This section will discuss two fundamental security services also supported by WebSphere Application Server:
Authentication is the process of establishing whether a client is valid in a particular context. A client can be either an end user, a machine or an application.
A realm is a collection of users that are controlled by the same authentication policy.
The authentication process involves gathering some unique information from the client.
There are three major groups of secure authentication used to gather this unique information:
Knowledge-based - user name and password, for example.
Key-based - physical keys, encryption keys, key cards.
Biometric - finger ...