Authorization
Authorization is the process of determining if a user or a user profile can perform a specific activity. Authorization has four entities:
- User
Maps to a Windows user account, and forms a bridge between the Windows user and PAH user.
- Authority
Represents a Boolean state that indicates if the user has rights to perform a specific task. This entity is the lowest unit of authorization.
- Role
Maps to a real-world model and consists of one or more authorities. The mapped roles of authorities define the privileges for a user.
- User profile
Groups roles for a user by offering an abstraction layer. A user may be mapped to one or more profiles, and each profile may be mapped to one or more roles. This enables the user to choose among various assigned profiles.