AuthenticationAuthentication is the means of ensuring that a user is he who claims to be. Most common means of authentication is "login" system.
AuthorizationAuthorization answers the question "Can the user perform foo action on my system" ? Based on the answer, we either perform or reject the action. So authorization ensures that a user is allowed to perform an action on the system ... So a user authenticates himself, then based on that , we may decide the actions he may or may not perform (Authorization) More information here. Cheers
The people have spoken
comments powered by Disqus