What is the difference between authentication and authorization?

What is the difference between authentication and authorization? Why it is important to understand difference between two?

Authentication

Authentication verifies who you are. For e.g. login via ssh or access mail server using POP3 and SMTP protocols. Usually PAM (Pluggable authentication modules) are used as low-level authentication schemes into a high-level application programming interface (API), which allows programs that rely on authentication to be written independently of the underlying authentication scheme.

Authorization

Authorization verifies what you are authorized to do. For e.g. you are allowed to login via ssh but you are not authorized to browser / or any other file system. Authorization occurs after successful authentication. Authorization can be controlled at file system level or using various app level configuration options such as chroot(2).

Usually the connection attempt must be both authenticated and authorized by the system. You can easily find out why connection attempts are either accepted or denied with the help of these two factors.

Large setups

Usually, large Linux / UNIX installation equipped with central LDAP directory servers to authenticate users. A user must provide username and password againest all services such as Squid, WI-FI, SMTP, POP3 etc. LDAP directory allows you to obtain required information such as employee number, email address, department code etc. The directory provides additional data lookup and search capabilities. OpenLDAP and the Fedora Directory Server (FDS) is an LDAP (Lightweight Directory Access Protocol) servers.

What is the difference between authentication and authorization?

Authentication

Authorization

Large setups

Featured Articles:

Related FAQs