
Showing posts with the label Web Authentication

Different ways to Authenticate a Web Application

Authentication is a common way to handle security for all applications. It is the only way to answer the question “who are you?” for the application. With stateless and service-oriented architectures, many new concepts and technologies have come onto the market. In this article we will learn how to handle authentication on RESTful APIs.

Authentication:

Let's start by listing the various ways through which we can achieve authentication:

- Cookie-based authentication
- Token-based authentication
- Third-party access (OAuth, API token)
- OpenID
- SAML

Cookie-based authentication has been the default method for handling user authentication for a long time. From the diagram below you can clearly see that the client posts the login credentials to the server; the server verifies the credentials and creates a session ID, which is stored on the server (stateful) and returned to the client via Set-Cookie. On subsequent requests, the session ID from the cookie is verified on the server and the request gets processed.
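The cookie-based flow described above, as an added example that is not code from the original post: the server verifies the credentials, keeps the session ID in server-side state, hands it back as a Set-Cookie value, and checks it on later requests. The cookie name `session_id`, the in-memory `SESSIONS` store, the `SESSION_TTL` value, and the user record are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time
from http.cookies import SimpleCookie

SESSION_TTL = 1800                      # assumed session lifetime in seconds
SALT = b"constructed-salt"              # constructed sample value
# Constructed user record: PBKDF2 hash of the sample password "correct horse"
USERS = {"alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)}
SESSIONS = {}                           # server-side state: session id -> (user, expiry)

def login(username, password, now=None):
    """Verify credentials; return a Set-Cookie header value, or None on failure."""
    now = time.time() if now is None else now
    stored = USERS.get(username)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    # Hash and compare even for unknown users so timing does not reveal usernames
    ok = hmac.compare_digest(candidate, stored or bytes(32))
    if stored is None or not ok:
        return None
    sid = secrets.token_urlsafe(32)     # unguessable session id from the CSPRNG
    SESSIONS[sid] = (username, now + SESSION_TTL)
    cookie = SimpleCookie()
    cookie["session_id"] = sid
    cookie["session_id"]["httponly"] = True    # not readable from page scripts
    cookie["session_id"]["secure"] = True      # sent over HTTPS only
    cookie["session_id"]["samesite"] = "Lax"   # limits cross-site sending
    cookie["session_id"]["path"] = "/"
    return cookie["session_id"].OutputString()

def authenticate(cookie_header, now=None):
    """Return the username bound to the request's Cookie header, or None."""
    now = time.time() if now is None else now
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get("session_id")
    entry = SESSIONS.get(morsel.value) if morsel else None
    if entry is None:
        return None                     # missing, forged or logged-out session id
    username, expiry = entry
    if now >= expiry:
        SESSIONS.pop(morsel.value, None)  # expired: drop the server-side state
        return None
    return username

def logout(cookie_header):
    """Invalidate the session on the server, not just in the browser."""
    morsel = SimpleCookie(cookie_header or "").get("session_id")
    return SESSIONS.pop(morsel.value, None) is not None if morsel else False
```
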