Authorization and Authentication

The document discusses authentication and authorization for server-side web application logic. Authentication validates a user's identity, often using usernames and passwords stored securely in a database. Authorization controls user access to resources and actions.

Uploaded by

Andres R. Bucheli

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

89 views2 pages

Authorization and Authentication

Uploaded by

Andres R. Bucheli

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 2

Authorization and Authentication

1 min
Two other concepts we’ll want our server-side logic to handle
are authentication and authorization.

Authentication is the process of validating the identity of a user. One

technique for authentication is to use logins with usernames and passwords.
These credentials need to be securely stored in the back-end on
a database and checked upon each visit. Web applications can also use
external resources for authentication. You’ve likely logged into a website or
application using your Facebook, Google, or Github credentials; that’s also an
authentication process.

Authorization controls which users have access to which resources and actions.
Certain application views, like the page to edit a social media personal profile,
are only accessible to that user. Other activities, like deleting a post, are often
similarly restricted.

When building a robust web application back-end, we need to incorporate

both authentication (Who is this user? Are they who they claim to be?) and
authorization (Who is allowed to do and see what?) into our server-side logic
to make sure we’re creating secure, personalized, and dynamic content.

Web Application Security
No ratings yet
Web Application Security
55 pages
UNIT3
No ratings yet
UNIT3
24 pages
Web App Security: SQL & Command Injection
No ratings yet
Web App Security: SQL & Command Injection
28 pages
Web App Basic 3
No ratings yet
Web App Basic 3
4 pages
Authentication and Security
No ratings yet
Authentication and Security
2 pages
Security
No ratings yet
Security
24 pages
Lecture 7 Authorization 2
No ratings yet
Lecture 7 Authorization 2
49 pages
INE Authentication and SSO Attacks Course File - Unlocked
No ratings yet
INE Authentication and SSO Attacks Course File - Unlocked
200 pages
Web App Security Exploitation Guide
No ratings yet
Web App Security Exploitation Guide
9 pages
Authentication and Authorization Overview
No ratings yet
Authentication and Authorization Overview
10 pages
Mid Term CWS640
No ratings yet
Mid Term CWS640
5 pages
02 Preventing Web App Hacking
No ratings yet
02 Preventing Web App Hacking
31 pages
Ademola Adetunji's GST 104 Assignment
No ratings yet
Ademola Adetunji's GST 104 Assignment
14 pages
Unit 3
No ratings yet
Unit 3
67 pages
657470899
No ratings yet
657470899
14 pages
WebApplication Unit 3
No ratings yet
WebApplication Unit 3
37 pages
FALL2025-26 CSE4031 ETH AP2025262001217 2025-08-05 Reference-Material-I
No ratings yet
FALL2025-26 CSE4031 ETH AP2025262001217 2025-08-05 Reference-Material-I
39 pages
Report On The Effectiveness and Security of A Web App Authentication
No ratings yet
Report On The Effectiveness and Security of A Web App Authentication
3 pages
Practical Part1
No ratings yet
Practical Part1
5 pages
20 Securitytesting
No ratings yet
20 Securitytesting
36 pages
Understanding Authentication
No ratings yet
Understanding Authentication
18 pages
Week3 2
No ratings yet
Week3 2
19 pages
Gabriel Moreira Rimoli-1.4
No ratings yet
Gabriel Moreira Rimoli-1.4
2 pages
A Survey On Client Side and Server Side Approaches To Secure Web Applications
No ratings yet
A Survey On Client Side and Server Side Approaches To Secure Web Applications
6 pages
Web Security
No ratings yet
Web Security
7 pages
OWASP Web Security Guide
No ratings yet
OWASP Web Security Guide
64 pages
A Closer Look at Authentication and Authorization
No ratings yet
A Closer Look at Authentication and Authorization
7 pages
Web Application Security Checklist V1
No ratings yet
Web Application Security Checklist V1
4 pages
WAS Unit 2
No ratings yet
WAS Unit 2
52 pages
Authorization
No ratings yet
Authorization
3 pages
Css Sem 6 Mod 6
No ratings yet
Css Sem 6 Mod 6
19 pages
Topic 6 Web Security
No ratings yet
Topic 6 Web Security
15 pages
Oreilly Security and Frontend Performance
No ratings yet
Oreilly Security and Frontend Performance
64 pages
Web Application Security
No ratings yet
Web Application Security
30 pages
Web Security, Privacy, and Commerce: Simson Garfinkel
No ratings yet
Web Security, Privacy, and Commerce: Simson Garfinkel
6 pages
Web App Vulnerability Testing Guide
No ratings yet
Web App Vulnerability Testing Guide
13 pages
4 Foundations of Security What Neil Daswani, Christoph Kern 3
No ratings yet
4 Foundations of Security What Neil Daswani, Christoph Kern 3
418 pages
Security For Web Applications
No ratings yet
Security For Web Applications
25 pages
Web Unit 1
No ratings yet
Web Unit 1
37 pages
Web Security
No ratings yet
Web Security
207 pages
CAS and Role Based Security
No ratings yet
CAS and Role Based Security
4 pages
User Authentication and Authorization
No ratings yet
User Authentication and Authorization
10 pages
Security Testing Mat
No ratings yet
Security Testing Mat
9 pages
Module 2 - AS
No ratings yet
Module 2 - AS
35 pages
Web App Security Seminar Overview
No ratings yet
Web App Security Seminar Overview
20 pages
Web Application Penetration Testing - An Analysis of A Corporate Application According To OWASP Guidelines
No ratings yet
Web Application Penetration Testing - An Analysis of A Corporate Application According To OWASP Guidelines
146 pages
Web Application Security - Unit 1 Notes
No ratings yet
Web Application Security - Unit 1 Notes
37 pages
Title Quick, Which Is It: Approve, Review or Block?
No ratings yet
Title Quick, Which Is It: Approve, Review or Block?
9 pages
CEH Module 14
No ratings yet
CEH Module 14
195 pages
Aswin Ts Decoded Notes Unit 3 Authorisation & Authentication
No ratings yet
Aswin Ts Decoded Notes Unit 3 Authorisation & Authentication
3 pages
Web Security Essentials
No ratings yet
Web Security Essentials
27 pages
11-Access Control Structures, Firewalls.-06!05!2023
No ratings yet
11-Access Control Structures, Firewalls.-06!05!2023
27 pages
Secure Coding: Auth & Auth Practices
No ratings yet
Secure Coding: Auth & Auth Practices
14 pages
Web Security
No ratings yet
Web Security
7 pages
Slides
No ratings yet
Slides
5 pages
CH 8
No ratings yet
CH 8
32 pages
Web Applications Styled Presentation
No ratings yet
Web Applications Styled Presentation
12 pages
Distributing Docker Images
No ratings yet
Distributing Docker Images
33 pages
POSIX Standards Overview
No ratings yet
POSIX Standards Overview
10 pages
Agile Foundations & Frameworks Course
No ratings yet
Agile Foundations & Frameworks Course
16 pages
HTTP
No ratings yet
HTTP
4 pages
Web APIs: A Comprehensive Guide
No ratings yet
Web APIs: A Comprehensive Guide
6 pages
JSON
No ratings yet
JSON
3 pages
Port (Computer Networking)
No ratings yet
Port (Computer Networking)
5 pages
Matching Route Paths
No ratings yet
Matching Route Paths
2 pages
Algorithm
No ratings yet
Algorithm
3 pages
Framework
No ratings yet
Framework
2 pages

Authorization and Authentication

Uploaded by

Authorization and Authentication

Uploaded by

Authorization and Authentication

Authentication is the process of validating the identity of a user. One

When building a robust web application back-end, we need to incorporate

You might also like