An AuthenticationStrategy is responsible for retriving a Principal for the current request.
An AuthorizationStrategy that uses HTTP Basic Auth.
A principal contains an authenticated user.
An AuthenticationStrategy that uses a session to check for the presence of a Principal.