The process of authenticating the identity of an off-site user not within the application server’s domain. This process is completed by a remote user specifying an identity and some form of corresponding “proof” of identity. The proof provided is generally a secret string of letters and/or numbers (such as a credit card number, a password, or a Personal Identification Number such as an important date to the user) that can then be verified.
BEA Systems. Security Fundamentals. [Online, 2004.] BEA Systems Website. http://e-docs.bea.com/wls/docs81/secintro/concepts.html#1077583.