Is there a difference between authentication and authorization?

Question

I see these two terms bandied about quite a bit (specifically in web-based scenarios but I suppose it\'s not limited to that) and I was wondering whether or not there was a

Answer 1

The main point is:

• Authentication deals with user account validation. Is this a valid user? Is this user registered in our application?. e.g.: Login
• Authorization deals with user access validation to certain feature. Does this user have the authorization/right to access this feature? e.g.: Claims, Roles