Hi there,
A while ago I created
https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-1, which seeks to
establish clear terminology for two concepts that often come up in
authentication:
1. The (user) interaction method via which credentials are obtained
(FORM, BASIC, etc.)
2. The store where users/callers and optionally the group/role data resides
Not only do I see very different terms being used for both of these
concepts, which is a problem by itself, but the lack of consistent
terminology makes it unclear what people are really asking at times.
Your thoughts?
Kind regards,
Arjan Tijms