• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

isUserInRole()

 
Salil Dhawan
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
On broader level isUserInRole() is related to authorization or authentication?I think it is authorization as it returns boolean depending whether user is in specified role or not.But in specifications its written that even if user is not authenticated it will return false ( which is logical).

So is this concept related to authentication or authorization?
 
Ulf Dittmer
Rancher
Posts: 42969
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Authorization. Authentication concerns itself with verifying that the user is who he says he is. Authorization is about determining which rights a particular user has AFTER he is authenticated (e.g., which roles he's in).
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic