Authentication & Authorization

Authentication & Authorization: An explanation of the Ingeniux CMS security paradigm.


Users may treat the words authentication and authorization as synonyms, but they have different meanings. Authorization defines the process of granting the user permissions to access a resource or perform a task. Authentication defines the process of verifying the user’s identity based on a set of credentials. This distinction separates the protection of content into two individual processes. Each process can have its own separate implementation or multiple implementations.

For example, you might authenticate a user by checking a username and password against the values stored in a database, or by verifying the existence and validity of a session ID stored in a browser cookie. Likewise, you might authorize a user to view content on a protected page by verifying that the user’s account type has administrator permissions.
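The sketch below is an added example, not Ingeniux code or the RTA API: it implements both authentication methods named above and one authorization check as separate functions, so a protected page can distinguish "identity not established" from "permission missing". The account names, passwords, in-memory stores and function names are all constructed for illustration.

```python
import hashlib, hmac, secrets, time

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _user(password, account_type):
    salt = secrets.token_bytes(16)
    return {"salt": salt, "pw": _hash(password, salt), "account_type": account_type}

# Constructed sample data: two accounts and an in-memory session store.
USERS = {"alice": _user("correct horse", "administrator"),
         "bob": _user("battery staple", "member")}
SESSIONS = {}  # session ID -> (username, expiry as epoch seconds)
_DUMMY_SALT = secrets.token_bytes(16)

def authenticate_password(username, password):
    """Authentication, variant 1: credentials checked against stored values."""
    rec = USERS.get(username)
    # Hash even for unknown users so both failure paths do the same work.
    digest = _hash(password, rec["salt"] if rec else _DUMMY_SALT)
    if rec and hmac.compare_digest(digest, rec["pw"]):
        return username
    return None

def start_session(username, ttl=900, now=None):
    sid = secrets.token_urlsafe(32)  # unguessable value for the cookie
    SESSIONS[sid] = (username, (time.time() if now is None else now) + ttl)
    return sid

def authenticate_session(cookie_value, now=None):
    """Authentication, variant 2: the session ID must exist and be unexpired."""
    entry = SESSIONS.get(cookie_value)
    if entry is None:
        return None
    username, expiry = entry
    if (time.time() if now is None else now) >= expiry:
        del SESSIONS[cookie_value]  # expired IDs are dropped, not reused
        return None
    return username

def authorize(username, required_type="administrator"):
    """Authorization: a permission decision about an already-verified identity."""
    return USERS[username]["account_type"] == required_type

def handle_protected_page(cookie_value, now=None):
    user = authenticate_session(cookie_value, now)
    if user is None:
        return 401  # identity not established
    if not authorize(user):
        return 403  # identity known, permission missing
    return 200
```

Either authentication function can feed the same `authorize` call, which is the practical consequence of keeping the two processes separate.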

On the DSS, an additional type of authentication, Run-Time Authentication (RTA), provides a layer of permissions to live content.

The Ingeniux Run-Time Authentication module provides an API for implementing authentication routines. This API allows content contributors to implement authorization logic by consuming the artifacts of the authentication system.