Authentication is the process of verifying the credentials such as username and password of the user and then allows that user to access the server.
This process can be done in many ways like :
Password based authentication
Device based authentication
For Example, if you use
Windows based Authentication and are browsing an ASP.NET page from server -- ASP.NET/IIS would automatically use NTLM to authenticate you as user1.
Forms based Authentication, then you would use an html based forms page to enter username/password -- which would then check a database and authenticate you against the username/password in the database.
Authorization is a process of verifying whether the user has got the permission to do the operation that he is requesting.
Asked In: Many Interviews |