Authentication is the process of ensuring to some in order
to access computer services, or that the provider of the service is actually who
it claims to be. This types of services works on shared secrets like password or
private key. Some schemes does not want to exchange actual secrets but only
proves that other end knows the secret. E.g. Encryption of a random message with
a private key. A web authentication where a web page includes a dialog box
having user name and password and other information required for certification
where the browser presents an X.509 certificate to the server to request access,
and digest authorization where the password is digested before being sent to the
server to avoid it being snooped on.
While talking about J2EE platform, it requires
three types of authentication: basic, form based, and mutual authentication.