| title | Chapter 19: Authentication |
|---|---|
| date | 2021-10-01 09:28:27 -0500 |
| draft | false |
| weight | 19 |
| originalAuthor | John Woolbright |
| originalAuthorGitHub | jwoolbright23 |
| reviewer | Sally Steuterman |
| reviewerGitHub | gildedgardenia |
| lastEditor | Terri Penn |
| lastEditorGitHub | tpenn |
| lastMod | 2023-12-08 15:28:21 -0600 |
After completing this chapter, you should be able to do the following:
- Understand the basic concepts of authentication
- Use request filters to enable basic authentication in a Spring app
- Explain what two-way encryption is, and why it is not ideal for storing sensitive user data, such as passwords
- Explain what a one-way hash is, and why it presents greater security for storing sensitive user data
- Describe the characteristics of a good one-way hash function
- Write code that uses a provided hash function to hash sensitive data
- Describe how one-way hashes allow for passwords to be compared
- Describe the general authentication flow for a web app
- cookies
- authorization
- authentication
- sessions
- two-way encryption
- one-way encryption
- password hashing
- collision
- bcrypt
- MD5, SHA1
- hash function
- query methods
- request filters
- allowlist
- code-based configuration
{{% children %}}