There is often some confusion about the difference between authentication and authorization. Authentication is a process that identifies who the caller/client is and verifies the client or caller’s authenticity. This process normally involves some type of user ID and password checks. If the user ID and password match, authentication succeeds. The caller/client usually receives a security token from the authentication process so that its identity will not have to be validated again. Authorization is the process that checks the level of access to certain underlying resources for a given identity. In other words, it checks whether a particular caller or client that has already been authenticated successfully has permission (i.e., authorization) to access certain resources, such as reading a file, querying a database, or accessing a business component.
KeywordsAttribute Class Configuration File Access Permission Public Class Public Void
Unable to display preview. Download preview PDF.