Authentication
-
Authentication and AuthorizationWeb/Security 2019. 8. 27. 21:55
1. Overview Authentication is the process of ascertaining that somebody really is who they claim to be. And Authorization refers to rules that determine who is allowed to do what. E.g. Adam may be authorized to create and delete databases, while Usama is only authorized to read. 1.1 Authentication Login + password Who you are 1.2 Authorization Permissions What you are allowed to do 2. Descriptio..
-
Session and CookieWeb/Security 2019. 8. 23. 13:22
1. Overview 1.1 Session Storing user-related data across different requests. Server-side storage holding contextual data 1.2 Cookie Storing a small piece of the date on client-side Used to identify a client Used for passing some data from one servlet to another 2. Session If we access the JSP page for the first time, then a new session gets created by default. In most cases, a web server uses co..