[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Authentication Usecases
For each, I list: the name, the per entity information required to authenticate the subject, any other information required to authenticate the subject and any optional, but likely to be needed information. username/password hashed password none none Kerberos none Kerberos ID including secret key (keytab) none SAML/SSO Id of Trusted IdP Root certificate or shared secret to verify signature or TLS keys & certificates none Open ID none Id of Trusted IdP's Means to authenticate X.509 PKI none Trusted Root Certificates Certificate and private key to authenticate Hardware token none Access to authentication server, typically with RADIUS none ------- I suggest that the category of WS Security Token be dropped from the list. A WSS Token is one of several things, including username, X.509 Certificate, Kerberos Ticket and SAML Assertion. All of these should be covered individually. Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]