Is there a difference between authentication and authorization?

Question

I see these two terms bandied about quite a bit (specifically in web-based scenarios but I suppose it\'s not limited to that) and I was wondering whether or not there was a

Answer 1

Authenticating a user on a website means that you verify that this user is a valid user, that is, verifying who the user is using username/password or certificates, etc. In common terms, is the person allowed to enter the building?

Authorization is the process of verifying if the user has rights/permission to access certain resources or sections of a website, for example, if its a CMS then is the user authorized to change content of the website. In terms of the office building scenario, is the user allowed to enter the networks room of the office.