What is difference B/W Authentication and authorization?
Best example would be assume your company scenario (if ur working). You may get permission to enter company premises (authentication) but u may not be allowed to enter Data Protection room (authorization)
Authentication is verifying the identity of a user
For example: obtaining some credentials like user's name and password and some other informations and using those credentials to verify the user's identity
Authorization is process where we check does this identity have access rights to the system.
For example: Users have to rights to see the any webpages but they are not allowed to edit the contents of that page and also restricted to view some pages which are under the control of the administrators.
Authentication is the process of identifying and verifying who the client accessing the server is.For example, if you use
Authorization is the process of determining whether an authenticated user has access to run a particular page within an ASP.NET web application. Specifically, as an application author decide to grant or deny the authenticated user.This could be done either by explictly granting/denying rights based on the username or use role based mappings to map authenticated users into roles.