8.27.2012

Authentication vs Authorization

Difference between Authentication and Authorization in ASP.NET

S.No Authentication Authorization
1
Meaning:
Authentication is the process of verifying the identity of a user.
Meaning:
Authorization is process of checking whether the user has access rights to the system.
2
Example:
Suppose, we have 2 types of users ( normal and admins ) to a website. When the user tries to access the website, we ask them to log in. This is authentication part.
Example:
Once we know the user is valid, then we determine to which pages the user has access to. Normal users should not be able to access admin pages. This is authorization part.
3
Types of Authentication:
Windows Authentication
Forms Authentication
Passport Authentication
Types of Authorization:
ACL authorization (also known as file authorization)
URL authorization
4
Whent it takes place ?
Authentication always precedes to Authorization,event if our application lets anonymous users connect and use the application,it still authenticates them as anonymous.
Whent it takes place ?
Authorization takes place after Authentication

No comments:

Post a Comment