what is the most costly and intrusive form of authentication? This is a topic that many people are looking for. savegooglewave.com is a channel providing useful information about learning, life, digital marketing and online courses …. it will help you have an overview and solid multi-faceted knowledge . Today, savegooglewave.com would like to introduce to you Authentication vs Authorization. Following along are instructions in the video below:
Welcome back in this lesson. Well look at authentication versus authorization. So if you you look at this picture on the left hand side thats the authentication and the right hand side you have the authorization.
This picture tells you the whole story. But just to summarize authentication is a process of determining that somebody really is who he claims to be and authorization refers to the rules in terms of what are they allowed to see to keep it simple imagine. Lets say you go into a building your office building and then you need to have your access card right so that is your authentication.
So when you touch the access card and the gates would open so when you touch the card. The gates get opened that is the authentication process. So the card is proving you are the person who you claim to be so.
The card has some unique reference id. Number. And then you touch it and then the gate in turn is coded in such a way that it recognizes youre an active employee.
And then it would open the gates for you so thats youre entering the building. But just because you can enter the building doesnt mean you can go on to every floor right there might be some restricted areas. Where you cant have access or you will not have access so you will have access to the building.
But may not necessarily have access to the all the floors. So thats the authorization. Bit the two concepts are completely different and they are independent you need to understand the difference.
And ive seen this lot of times developers use these terms interchangeably. So make sure nick from next time you differentiate. What is authentication and then also what is authorization and to keep it simple and in different terms.
You can think authentication is a process. Where you have some kind of user id and then password. So you would have lets say that you go into the office building and then you need to login you need to authenticate for the first time youre running on windows operating system.
So you would log onto your windows and you you go into the you connect the your office network. So youre authenticated inside your office network. But whereas you may not have access to all the systems and all the databases.
That is where authorization kicks in if you see here the some of the items are crossed and some of the items have tick boxes right so that talks about what you have access to what you dont have access to and some of the other differences between authentication and authorization is authentication is a verification process. It is validating and verifying the person you claim to be and whereas. Authorization is all about permissions.
So you are you have access to the network and then you need to have permission to view certain databases or certain tables in database. And if you think about authentication think about who rather than what where authorization is all about what so authentication is about proving that you are the person who you claim to be ok. Now that you prove the person you claim to be but what access do you have thats all about authorization and primarily authentication deals with your active directory.
And ldap. Although. They are completely different active directory.
Is a directory service made by microsoft. And it provides all sorts of functionalities like authentication groups and user management policy administration and more and ldap stands for lightweight directory. Access protocol is a means for querying items in in any directory.
Basically ad uses a flavor of ldap and ill give you a simple analogy. If you really think about is and http. So basically http is a web protocol and then pi is is a web server which implements http protocol same way active directory is the directory service which uses ldap framework so active directory is not ldap.
But it is one of the example of ldap s. Primarily windows users run on active directory and remember that ldap is not a product an authorization from click security implementation perspective is primarily section access and then loop and reduce so section. Access is more dynamic data.
Reduction and loop and reduce is considered more like a static data reduction. So in section. Access you implement for example you might have nt names or user ids.
You will have data reduction on multiple fields or single field. Whereas with loop and reduce you would loop through an application and reduce the data and create multiple copies of the application loop and reduces you can only implement loop and reduce when you have click you publisher license available so for example lets say that you have three departments department. A department b.
And department c. And you can have one source document and then you can have three user documents so each of the user documents will only contain subset of data. So department.
A department b. And department c. So these three are completely separate user documents.
But they are created by using one source document. So that is like at a high level loop and reduce we will cover loop and reduce in later chapters. But for a high level.
Overview loop. Introduced can be part of authorization. Along with section.
Access. So you can also implement loop and reduce along with section access. These are not mutually exclusive.
So you can implement them together. So i hope this makes sense. And then gave you some idea about authentication and authorization.
So the main takeaway is authentication is all about verification. And author authorization is all about permissions so next time when someone talks about authentication. More likely they might be talking about active directory or custom ldap on qlikview server.
You can also implement custom ldap thank you for watching. .
Thank you for watching all the articles on the topic Authentication vs Authorization. All shares of savegooglewave.com are very good. We hope you are satisfied with the article. For any questions, please leave a comment below. Hopefully you guys support our website even more.