Authentication - Session

> Software Security > (Authentication|Access control|Identification) - AuthN

1 - About

session in Authentication.

After a user has been authenticated, a session is created that holds all the navigation context data.


3 - Identifier

A session identifier is nonce.

In the web, the session identifier is typically stored in a session cookie. When the server receives an HTTP request, the server will look up the session information (user, connection time) using the session identifier as a key.