This can be a tricky question. These two concepts seem altogether similar but there is
wide range of difference. Authentication is verifying the identity of a user and authorization
is process where we check does this identity have access rights to the system. In short we
can say the following authentication is the process of obtaining some sort of credentials
from the users and using those credentials to verify the user’s identity. Authorization is
the process of allowing an authenticated user access to resources. Authentication always
proceed to Authorization; even if your application lets anonymous users connect and use
the application, it still authenticates them as being anonymous.
wide range of difference. Authentication is verifying the identity of a user and authorization
is process where we check does this identity have access rights to the system. In short we
can say the following authentication is the process of obtaining some sort of credentials
from the users and using those credentials to verify the user’s identity. Authorization is
the process of allowing an authenticated user access to resources. Authentication always
proceed to Authorization; even if your application lets anonymous users connect and use
the application, it still authenticates them as being anonymous.
No comments:
Post a Comment