Java身份验证和授权
[英]Java Authentication and Authorization
问题描述
Can anyone comment on this scenario belong to authentication or authorization 
任何人都可以对此场景发表评论属于身份验证或授权
Authentication : User is logging with username & password - called authentication. 身份验证:用户正在使用用户名和密码登录-称为身份验证。
Authorization : User has some role - called authorization. 授权:用户具有某种角色-称为授权。
If I have only username and user Id and want to check from DB what it called ? 如果我只有用户名和用户ID,并且想从数据库检查它叫什么? Authorization or Authentication ? 授权还是认证?
Could anyone comment on this ? 有人可以对此发表评论吗?
Thanks 谢谢
1 个解决方案
解决方案1
1 已采纳 2016-09-30 11:45:44
Authentication is the check if someone is the person he/she says he/she is (eg by asking for a password ). 身份验证是检查某人是否是他/她说的人(例如,通过询问密码 )。 Authorization is the check if someone has the right to do something. 授权是检查某人是否有权做某事。
So in your case that database isn't able to check authentication. 因此,在您的情况下,数据库无法检查身份验证。 If the information about what the user is allowed to do can be extracted from the data within the database then this'd be authorization . 如果可以从数据库中的数据中提取有关允许用户执行的操作的信息,则这将是授权 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.