Vendor 2承认了这些缺陷,然后给我们写信说:“会话cookie不是一个可代替的认证标识。”
Vendor 2 acknowledged the weakness, yet wrote us: "Session cookies are not a replacement for authentication tokens."
认证和标识系统与所调用的服务一起提供上下文,当调用服务时,该上下文用来发现恰当的合同。
Authentication and identity systems provide the context used to discover the appropriate contract when the service is invoked, along with the invoked service itself.
如果认证失败,您可以除去这个标识。
应用推荐