Presentation in Google Slides http://bit.ly/AuthZ-AuthN-Diana
Testers are often asked at interviews to test a login form. And this is where their acquaintance with authentication testing ends.
We'll talk about authorization and authentication (AuthZ & AuthN) testing: what is the difference between them and how to stop confusing them; what are the specifics of the work of the Oauth 2.0 protocol; what are the best practices of AuthZ & AuthN security testing; what is Identity and Access Management system and where to practice testing of that famous login form.
The talk will be useful for functional testers and those who are interested in the technological aspects of AuthZ & AuthN.