Chapter 19: Authentication

Learning Objectives

After completing this chapter, you should be able to do the following:

1. Understand the basic concepts of authentication
2. Use request filters to enable basic authentication in a Spring app
3. Explain what two-way encryption is, and why it is not ideal for storing sensitive user data, such as passwords
4. Explain what a one-way hash is, and why it presents greater security for storing sensitive user data
5. Describe the characteristics of a good one-way hash function
6. Write code that uses a provided hash function to hash sensitive data
7. Describe how one-way hashes allow for passwords to be compared
8. Describe the general authentication flow for a web app

Key Terminology

Introduction to Authentication

1. cookies
2. authorization
3. authentication
4. sessions

Hashing Password

1. two-way encryption
2. one-way encryption
3. password hashing
4. collision
5. bcrypt
6. MD5, SHA1
7. hash function

Creating a User Model

1. bcrypt
2. query methods

Filtering Requests

1. request filters
2. whitelist
3. code-based configuration

Content Links

• Reading
• Studio: TechJobs Authentication
• Next Steps