Authorization |
|
Once the system knows who the user is through authentication, authorization is how the system determines what the user can do. This is defined in Access Control Lists (ACLs), where an administrator can set permissions for various resources. Role-based permissions and the privileges of a an administrator are examples of configuring permissions.