Access to the resources of an information system by an entity, breaks down into three sub-processes, authentication, identification (digital identity (Internet)) and access control (logical access control). Authentication refers to the process of confirming that a principal is legitimate to access the system. There are four classic authentication factors that can be used in the client authentication process:
Authentication for a computer system is a process allowing the system to ensure the legitimacy of the access request made by an entity (human being or another system ...) in order to authorize the access of this entity to system resources (systems, networks, applications, etc.) in accordance with the configuration of access control. Authentication therefore allows, for the system, to validate the legitimacy of the entity's access, then the system assigns to this entity the identity data for this session (these attributes are held by the system or may be provided by the entity during the authentication process). It is from elements from these two processes that access to system resources can be configured (access control).
The Backend part of our project uses java language in the J2EE category and uses multiple frameworks such as spring, Hibernate, etc.
For this part we will show you how we installed our authentication system this was done with spring security technology.
The main security mechanism used is the JWT (JSON Web Token).
Since the biggest job has been done on the backend, the frontend part will take care of synchronizing with the authentication API created which is API / Authenticate which creates and returns the identification key that I recover to the using a JSON file.
