Securing the Cloud Application Business Insights application in WebSphere® Application Server Liberty

The following common security terms explain the basic security workflow in Liberty.

About this task

Security key terms
Authentication
Authentication confirms the identity of a user. The most common form of authentication is user name and password, such as through basic authentication or from login for web applications.
Authorization
Authorization determines whether a user has access to a specific role within the system.
Role
A role is defined within the Java EE application. In Java EE, subjects are granted or denied access to a role based on the roles they perform within the application.
Subject
Typically, the term subject means active entities within the system, such as users on the system, and even the system process itself.

When you are using Cloud Application Business Insights V1.1.7, you can run the OpenID Connect Relying Party server and the OpenID Connect Provider server on the same system, or use a third-party OIDC provider.