摘要 |
Various embodiments of systems and methods for integrated web application security are described herein. A unified framework for authentication, authorization, and session management specifically separates credential gathering and authentication as two separate steps that may be extended independently. The credential gathering is done by specific credential providers, and the authentication is performed independently. In another aspect, login/logout processing is separated from the authentication logic. Session validators, credential providers, authenticators, authorizers may be run independently.
|