So many
developers are having the confusion with the words Authentication
and Authorization. Here is a small explanation of it.
Authentication is nothing but validating the user i.e.,
checking user’s username and password to identify him.
Whereas authorization is the process of giving privileges to
the authenticated users. That means all authenticated users can not performs
all operations. Depending on his roles some privileges are given to them in the
form authorization.
For example for a particular bank website,
customers, employees, administrators can login into that websites. But the
options available to these persons are different at customer level , bank
employee level, administrators level etc. This is authorization.
No comments:
Post a Comment
Thanks for your comment.