Step 2: Initial Authentication (The Java EE 5 Tutorial)

The Java EE 5 Tutorial

Previous: Step 1: Initial Request
Next: Step 3: URL Authorization

Step 2: Initial Authentication

The web server returns a form that the web client uses to collect authentication data (for example, user name and password) from the user. The web client forwards the authentication data to the web server, where it is validated by the web server, as shown in Figure 28–2.

Figure 28–2 Initial Authentication

Diagram of initial authentication: server sends form
to client, which sends authentication data to server for validation

The validation mechanism may be local to a server, or it may leverage the underlying security services. On the basis of the validation, the web server sets a credential for the user.

Previous: Step 1: Initial Request
Next: Step 3: URL Authorization