What is difference B/W Authentication and authorization?
By in ASP.NET on Apr 10 2007
  • rakesh shrivastav
    May, 2007 28

    Best example would be assume your company scenario (if ur working). You may get permission to enter company premises (authentication) but u may not be allowed to enter Data Protection room (authorization)

    • 0
  • poorani ashokkumar
    Apr, 2007 18

    Authentication is verifying the identity of a user 

    For example: obtaining some credentials like user's name and password and some other informations and using those credentials to verify the user's identity

    Authorization is process where we check does this identity have access rights to the system.

    For example: Users have to rights to see the any webpages but they are not allowed to edit the contents of that page and also restricted to view some pages which are under the control of the administrators.

    • 0
  • Apr, 2007 10

    Authentication is the process of identifying and verifying who the client accessing the server is.
    For example, if you use

    • Windows authentication and are browsing an ASP.NET page from server — ASP.NET/IIS would automatically use NTLM to authenticate you as SYNCFUSION\user1 (for example).
    • Forms based authentication, then you would use an html based forms page to enter username/password — which would then check a database and authenticate you against the username/password in the database.

    Authorization is the process of determining whether an authenticated user has access to run a particular page within an ASP.NET web application. Specifically, as an application author decide to grant or deny the authenticated user.This could be done either by explictly granting/denying rights based on the username  or use role based mappings to map authenticated users into roles.

    • 0


Most Popular Job Functions


MOST LIKED QUESTIONS