top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

C#: What is the basic difference between Authentication and Authorization?

+5 votes
1,078 views
C#: What is the basic difference between Authentication and Authorization?
posted Nov 12, 2013 by Atul Mishra

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button
Authentication is the first level of process, once it passed then it will come for authorization.  

3 Answers

+1 vote

In Basic term Authentication is a process of verifying the identity of a user while authorization is process of checking whether user has a access right to the system. So authorization takes place after authentication.

U can use authentication and authorization with below example in C#

any client call the service or  you want to control who can call the service.
any client call any method of the service or you want to control what clients can call what methods
any client execute all of the code in a method or you want to control what clients can execute what code

The answers to these questions determine your use of authentication and authorization. Authentication enables you to identify clients that call the service. Authorization enables you to determine what operations authenticated clients can access. You will typically base authorization on roles.

To authorize, you first need to authenticate. To do that, you must be able to identify clients. Clients can identify themselves by providing evidence such as a Windows account, a user name / password or a certificate. Clients must also know that they are calling the service they intend to call. Services can identify themselves by providing a certificate.

answer Nov 13, 2013 by Neeraj Pandey
+1 vote

It's a generic thing if I understood question correctly.
Authentication - It means either User is genuine or not.
Authorization - It means either a genuine user can access a particular service or not.

answer Nov 13, 2013 by Vimal Kumar Mishra
0 votes

Authorization
Authorization is a process of allowing or denying resources to particular user or record

Declaration of authorization is

<authorization>
<allow users=”Suresh, Sanjay”/>
<deny users=”Ramana, Rakesh”>
</authorization>
Sometimes authorization allows the unauthorized persons at that time we will use
<deny users=”?”/>

Authentication

Authentication is a process where we identify the credentials of user i.e. username, password and create an identity to mention user as an authenticated.

answer Nov 20, 2014 by Manikandan J
...