: Perimeter Security, Spoofing
Security tokens come in diverse types, such as username/password pairs, X.509v3 certificates, Kerberos tickets, SAML tokens, smart card tokens and biometric samples. To encapsulate these user credentials for use with different security product architectures, developers have to modify the security token processing routine for each individual architecture.
How can this be done?
Encapsulate different types of user credentials as a security token that is reusable across different security providers. Provide a security API abstraction that creates and retrieves the user identity information from a given user credential. Support the different semantics and mechanisms required by different types of applications.
An implementation using a Kerberos ticket or a SAML token.
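A sketch of the API abstraction described above, added here as an example and not taken from the catalog or from any security product. The names `SecurityToken`, `CredentialTokenizer`, `password_principal`, `saml_principal` and `default_tokenizer` are hypothetical, the `user:password` byte encoding is an assumption, and the SAML assertion is a constructed, unsigned sample.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

@dataclass(frozen=True)
class SecurityToken:
    # Uniform wrapper handed to any security provider.
    token_type: str
    principal: str
    credential: bytes = field(repr=False)  # raw secret stays out of repr() and logs

class CredentialTokenizer:
    # Creates tokens and retrieves identity through per-type extractors.
    def __init__(self):
        self._extractors = {}
    def register(self, token_type, extractor):
        self._extractors[token_type] = extractor
    def create_token(self, token_type, credential):
        extractor = self._extractors.get(token_type)
        if extractor is None:
            raise ValueError(f"unsupported credential type: {token_type}")
        principal = extractor(credential)
        if not principal:
            raise ValueError("credential carries no user identity")
        return SecurityToken(token_type, principal, credential)

def password_principal(credential):
    # Assumed encoding for this example: b"user:password"
    user, sep, _secret = credential.decode("utf-8").partition(":")
    return user if sep else ""

def saml_principal(credential):
    # Extraction only: signature and validity-period checks remain the job of
    # the security provider that consumes the token.
    root = ET.fromstring(credential)
    name_id = root.find("saml:Subject/saml:NameID", SAML_NS)
    return (name_id.text or "").strip() if name_id is not None else ""

def default_tokenizer():
    tokenizer = CredentialTokenizer()
    tokenizer.register("password", password_principal)
    tokenizer.register("saml", saml_principal)
    return tokenizer

# Constructed sample assertion (unsigned, illustration only)
SAMPLE_ASSERTION = (
    b'<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    b"<saml:Subject><saml:NameID>alice@example.org</saml:NameID></saml:Subject>"
    b"</saml:Assertion>")
```

Supporting another credential type, such as a Kerberos ticket, means registering one more extractor; callers keep using `create_token` and `SecurityToken.principal` unchanged.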
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz