Once the Subject is Authenticated, a unique Identity/Principal is assigned and stored to uniquely identify the Subject.
For instance, if the Subject made an HTTP Request, the Application will create a Session in which it stores the unique Identity/Principal,
so that the Application knows which Subject is sending HTTP Requests.
For instance, two Subjects/Users/Persons with the name Jack Carpenter might be logged in at the same time.
Since they logged in using different Credentials (combination of Username and Password), the Application was able to
Authenticate them as two different Subjects with two different Identities/Principals:
● First Jack Carpenter holds ID = 100 in Application's DB
● Second Jack Carpenter holds ID = 200 in Application's DB
So in this example, the Identity/Principal is their unique ID from the Database.
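The flow described above, as an added example that is not code from the original page: Credentials are verified, a Session is created that stores the Principal (the DB ID), and each later request is resolved through the Session token. The usernames, passwords, function names and the in-memory USERS/SESSIONS stores are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow password hash; plaintext passwords are never stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _user(uid, username, name, password):
    salt = secrets.token_bytes(16)
    return {"id": uid, "username": username, "name": name,
            "salt": salt, "pw": _hash(password, salt)}

# Constructed sample data: two Subjects sharing one display name.
# Usernames and passwords are hypothetical; IDs 100 and 200 are from the text.
USERS = {u["username"]: u for u in (
    _user(100, "jack.c", "Jack Carpenter", "constructed-pass-1"),
    _user(200, "jcarpenter", "Jack Carpenter", "constructed-pass-2"),
)}
SESSIONS = {}  # session token -> Principal (the unique DB ID)

def login(username: str, password: str):
    """Authenticate Credentials; on success create a Session holding the Principal."""
    user = USERS.get(username)
    # Hash even for unknown usernames so both failure paths do similar work.
    candidate = _hash(password, user["salt"] if user else b"\x00" * 16)
    if user is None or not hmac.compare_digest(candidate, user["pw"]):
        return None
    token = secrets.token_urlsafe(32)  # unguessable Session identifier
    SESSIONS[token] = user["id"]       # store the Principal, not the name
    return token

def principal_for(token: str):
    """Resolve the Session token sent with a request to the stored Principal."""
    return SESSIONS.get(token)

def display_name(principal: int):
    return next(u["name"] for u in USERS.values() if u["id"] == principal)

if __name__ == "__main__":
    first = login("jack.c", "constructed-pass-1")
    second = login("jcarpenter", "constructed-pass-2")
    for token in (first, second):
        pid = principal_for(token)
        print(f"request from Principal {pid} ({display_name(pid)})")
```

Both requests carry the same display name, so only the Principal stored in the Session tells the Application which Jack Carpenter is calling.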