官术网_书友最值得收藏!

Spring Security terminologies

It's important to understand some of the most important Spring Security terminologies. Let's look at some of them:

  • Principal: Any user, device, or system (application) that would like to interact with your application.
  • Authentication: A process by which your application makes sure that the principal is who they claim to be.
  • Credentials: When a principal tries to interact with your application, the authentication process kicks in and challenges the principal to pass on some values. One such example is a username/password combination and these values are called credentials. The authentication process validates the principal's passed-in credentials against a data store and replies back with the appropriate result.
  • Authorization: After successful authentication, the principal is checked again for actions that it can perform on your application. This process of checking rights for a principal and then granting necessary permissions is called authorization.
  • Secured item/resource: The item or resource that is marked as secured and requires the principal (user) to successfully complete both authentication and authorization.
  • GrantedAuthority: A Spring Security object (org.springframework.security.core.GrantedAuthority interface) that contains/holds permissions/access-right details of a principal.
  • SecurityContext: A Spring Security object that holds a principal's authentication details.
主站蜘蛛池模板: 吉首市| 镇安县| 车致| 昂仁县| 佛学| 安溪县| 南部县| 黎城县| 林芝县| 新邵县| 太谷县| 鄱阳县| 宁明县| 武川县| 祁门县| 岑溪市| 宣威市| 祁东县| 金门县| 安溪县| 乌苏市| 东莞市| 新昌县| 河曲县| 阿勒泰市| 榕江县| 六盘水市| 顺昌县| 镶黄旗| 新乡县| 崇明县| 内乡县| 双柏县| 潞西市| 高雄县| 博兴县| 汝南县| 大竹县| 东安县| 莒南县| 民和|