+

Search Tips   |   Advanced Search

Authentication realms

Resources are protected by authentication realms. Authentication processes can be interactive or non-interactive.

An authentication realm defines the process to be used to authenticate users, and consists of the following steps:

  1. Specification of how to collect user credentials, for example, using a form, using basic HTTP authentication or using SSO.

  2. Specification of how to verify the user credentials, for example, checking that the password matches the user name, or using an LDAP server or some other authentication server.

  3. Specification of how to build the user identity, that is, how to build objects containing all the necessary user properties.

The same realm can be used in different security tests. In this case, clients must undergo the authentication process defined for the realm only once.

Authentication processes can be interactive or non-interactive, as demonstrated in the following authentication process examples:


Parent topic: MobileFirst security framework