Now a days, almost every client demands for implementation of powerful security feature in real time application. Demand of security feature is very valid to maintain confidentiality, integrity and availability. There are many types of security in the real world, but we as a developer will focus on the Application/Software Security. Furthermore, in Application Security, our job is to ensure basically two things. First, only valid user can access the application. Second, If the user is valid, he/she can access only permitted data/information in that application. I consider, there is nothing to explain more about them as you must already be aware of these two terminologies i.e. Authentication & Authorization. You might already have guessed what we will discuss in our