Make a summary every day, persistence is victory!
Date: 2021-07-01
Part one

1. To determine whether a user really has permission to access the system, the user's own knowledge or the user's own information has to be checked. The information generally used is:
   A. Password: a string known only to the user
   B. Dynamic token: one-time information available only on a device the user owns
   C.
   D. Biometric authentication: iris or fingerprint
   E. IC card: information held only by the user
2. HTTP/1.1 uses the following authentication methods:
   A. BASIC authentication
   B. DIGEST authentication
   C. SSL client authentication
   D. FormBase (form-based) authentication
3. BASIC authentication: rarely used.
4. DIGEST authentication: rarely used.
5. SSL client authentication: authentication performed with the HTTPS client certificate.
6. SSL client authentication procedure: to perform SSL client authentication, the client certificate must be distributed to the client in advance and installed on the client, which has a cost.
   1. After receiving a request for a resource that requires authentication, the server sends a Certificate Request message asking the client to provide a certificate.
   2. The user selects the client certificate to send, and the client sends the certificate information to the server in a Client Certificate message.
   3. After the client certificate is verified successfully, the server obtains the public key from the client certificate and begins HTTPS communication.
7. SSL client authentication is used in two-factor authentication: the authentication process requires not only the password factor but also other information provided by the applicant. In other words, besides using the client certificate to authenticate the client, a password is also required to make sure it is really the user.
8. Form-based authentication: login information is sent from the client to the server, and authentication is based on the result of verifying that login information (for example, Gmail login).
9. Authentication is mostly form-based (that is, login by entering a user name/password).
10. Using cookies to manage sessions:
   1. The client logs in with a user name and password.
   2. The server issues a SessionID to identify the user and writes it into the Set-Cookie header field of the response it returns to the client.
   3. After receiving the SessionID, the client saves it as a cookie. When the client sends a request again, it automatically sends the cookie along, and the server can identify the user and the user's state from the received SessionID.
11. Salted password hash: the server generates a random string that is long enough (the salt), combines it with the password to form a hash value, and saves that. Even if two users have the same password, the hash values differ because the salts differ, which greatly reduces the password's characteristic patterns and makes it hard for an attacker to crack with a precomputed password-hash database.
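An added example, not part of the original note, showing the salted-hash idea from item 11 in Python: a per-user random salt is combined with the password through PBKDF2-HMAC-SHA256, so two users with the same password get different stored records, while an unsalted hash of the same password collides. The record format, salt length and iteration count are my own choices.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumed parameters for this example (not from the original note).
ITERATIONS = 600_000   # PBKDF2-HMAC-SHA256 work factor
SALT_BYTES = 16        # 128-bit random salt: "random" and "long enough"


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a storable record: 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>'."""
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)   # fresh salt per user/password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the salt and iteration count stored in the record."""
    try:
        algo, iters, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    recomputed = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                     bytes.fromhex(salt_hex), int(iters))
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(recomputed, bytes.fromhex(hash_hex))


def same_password_different_records(password: str) -> bool:
    """Two users with the same password: records differ, yet both verify."""
    record_a = hash_password(password)
    record_b = hash_password(password)
    return record_a != record_b and verify_password(password, record_a) \
        and verify_password(password, record_b)


def unsalted_hashes_collide(password: str) -> bool:
    """Without a salt, identical passwords give identical hashes (the weakness)."""
    h1 = hashlib.sha256(password.encode("utf-8")).hexdigest()
    h2 = hashlib.sha256(password.encode("utf-8")).hexdigest()
    return h1 == h2


if __name__ == "__main__":
    print("salted records differ:", same_password_different_records("hunter2"))
    print("unsalted hashes collide:", unsalted_hashes_collide("hunter2"))
```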