At its core, authentication is about transitioning. We take the user’s credential and give them back something useful (let’s call this useful thing a token). We take the user’s password and we give them a Kerberos ticket or a web access management cookie (think SiteMinder’s SMSESSION ticket). We validate the user’s certificate and negotiate the [...]
Category: Uncategorized Tags:
