Authentication is the process to verify user identity by using user credentials. It is a process that checks whether the user is valid or not also this process permits authenticated user to access the resource. A resource can be a web page, media files,zip files etc.
Authorization is a process of allowing authenticated user to access the resource by checking whether the user has access rights to access particular resource. Authorization provides the access rights by granting or denying permission to access the resource of authenticated user.
1. Authentication is a process of verifying identity of a user.
1. Authorization is a process to check whether the authenticated user has access rights to the system or not.
2. The first authentication is done.
2. If authentication is complete then authorization will check.
3. There are three ways to do authentication are windows authentication,forms authentication, and passport authentication.
3. There are two ways to do authorization are URL authorization and File authorization.
4. Example: Suppose we have a user tries to access the website then first its credentials- username and password is check. If credentials are valid then he will be able to access the website. This is authentication.
4. Once the user is valid we have to check the user access right means the user is normal or administrator. If the user is administrator then he will be able to access all the admin pages but if the user is a normal user then he will not be able to access the admin pages. This process is called authorization.