Authentication mechanisms are of 2 types:
1) SWAM (SIMPLE WEBSPHERE AUTHENTICATION MECHANISM)
2) LTPA (LIGHTWEIGHT THIRD PARTY AUTHENTICATION)
1) SWAM (SIMPLE WEBSPHERE AUTHENTICATION MECHANISM) :
----> It simply checks the username/password of the person authenticating.
----> It is used for non-distributed, single application server environments.
----> It does not support forwardable credentials.
----> SWAM uses the session ID for identification purposes only.
----> It does not store any particular session ID in the server.
----> This means that if we send one request, it checks that request and forwards it to the particular server.
----> After some time, when we send another request, it is stored in a session cookie; at that time the new request's details are stored in that cookie and the old session details are lost.
----> If SWAM forwards a request through sessions, somebody midway can see and capture the details, and can also change the details of the original session request.
----> This means we have no security while sending data from one place to another when using SWAM.
----> So in this case SWAM is not used for storing any particular session details in a cookie.
2) LTPA (LIGHTWEIGHT THIRD PARTY AUTHENTICATION) :
----> It is tightly coupled. It is used for authentication, sending and receiving data using CRYPTOGRAPHIC KEYS.
----> If we send data to anyone using LTPA, that data is received safely by the other client.
----> Here we use CRYPTOGRAPHIC KEYS to send the data to another client.
----> The mechanism used is ENCRYPTION AND DECRYPTION.
----> If we send data from one client using the ENCRYPTION KEY, the client at the receiving side reads the data through DECRYPTION.
----> This means that if anyone wants to access or modify data sent with this key, they cannot, because ENCRYPTION puts it in a coded format that nobody can understand.
----> So at the receiving end the client receives the data with the DECRYPTION KEY.
----> It understands the ENCRYPTED code and DECRYPTS it, so the data arrives safely without any disturbance.
SSO (SINGLE SIGN ON) :
----> Web users can authenticate once when accessing web resources across multiple WAS.
----> Once we log in by giving the user ID and password, there is no need to do so again and again.
----> Once a client has a valid LTPA TOKEN, it need not reauthenticate within a cell.
----> SSO is on by default.
----> It issues cookies to the web browser to track user authentication information.
----> It provides SSO within or even between WebSphere cells.
----> FormLoginServlet authenticates and places an SSO (Single Sign On) token in a cookie.
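A defensive check for the SSO cookie described above, as an added example that is not from the original post: it parses Set-Cookie headers and reports whether WebSphere's LTPA cookies (LtpaToken, LtpaToken2) carry the Secure and HttpOnly attributes and how widely they are scoped. The header values, token strings and example.com are constructed sample data, and the function name is an assumption.

```python
from http.cookies import SimpleCookie

# Cookie names WebSphere uses for LTPA single sign-on tokens.
SSO_COOKIE_NAMES = {"LtpaToken", "LtpaToken2"}

# Constructed sample Set-Cookie values (token values and example.com are made up).
SAMPLE_HEADERS = [
    "LtpaToken2=CONSTRUCTEDTOKENAAAA; Path=/; Secure; HttpOnly",
    "LtpaToken=CONSTRUCTEDTOKENBBBB; Path=/; Domain=.example.com",
    "JSESSIONID=0000constructed; Path=/",
]


def audit_sso_cookies(set_cookie_headers):
    """Map each SSO cookie name to a list of findings (empty list = no findings)."""
    report = {}
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            if name not in SSO_COOKIE_NAMES:
                continue  # only the SSO token cookies are audited here
            findings = []
            if not morsel["secure"]:
                findings.append("no Secure attribute: token may be sent over plain HTTP")
            if not morsel["httponly"]:
                findings.append("no HttpOnly attribute: token is readable by page scripts")
            if morsel["domain"]:
                findings.append(
                    "Domain=%s: token is sent to every host under that domain"
                    % morsel["domain"]
                )
            report[name] = findings
    return report


if __name__ == "__main__":
    for cookie, findings in audit_sso_cookies(SAMPLE_HEADERS).items():
        print(cookie, "->", findings or "ok")
```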
ADVANTAGES :
----> Limiting the Number of Invalid Password Attempts
----> Checking that the User’s Subscription has not Expired
----> Logging Information about a User’s Visit
1 comment:
I need more information about SSO.