Reading Class 10 - meron-401n14/seattle-javascript-401n14 GitHub Wiki

Authentication is the process of verifying that an individual, entity or website is who it claims to be.

Session Management is a process by which a server maintains the state of an entity interacting with it. This is required for a server to remember how to react to subsequent requests throughout a transaction.

Authentication Solution and Sensitive Accounts

  • Do NOT allow login with sensitive accounts (i.e. accounts that can be used internally within the solution, such as a back-end / middleware / DB) to any front-end user interface.
  • Do not use the same authentication solution (e.g. IDP / AD) used internally for unsecured access (e.g. public access / DMZ).