Authentication
Process of verifying user's identity, usually by providing user name and password. PortSight Secure Access provides two authentication methods: Forms authentication and Windows authentication.Authorization
Process of checking user's access rights.
Forms Authentication
One of the authentication methods used in the .NET authentication. It requires users to enter their user name and password before using the application. The users and passwords are stored in the Secure Access database.
Permission type
Permission type represents the name of the permission, such as "Read", "Write", "Approve", etc. It is always connected with some particular application or application part. Permission type is sometimes referenced as "Relationship Type" in Secure Access.
Resource-based authorization
Authorization based on permissions, such as "User JosephD is allowed read in the Work Reports application". A permission represents a connection between operator (person or group that is granted with some permission) and resource (application or application part). The permission is also specified by permission type, such as "Read" or "Approve".Role-based authorization
Authorization based on user's membership in particular role, such as "Application administrator". In PortSight Secure Access, roles are always connected with particular application.
Windows authentication
One of the authentication methods used in the .NET authentications. The users are stored in both PortSight Secure Access database and Windows NT domain controller (or Active Directory). The passwords are stored only in the Windows NT domain controller (or Active Directory) and they are checked only when user signs in to the domain.