Authorization
As mentioned earlier, authorization is a process of finding out whether the user, once identified, is permitted to access a resource. This process is implemented by assigning and checking permissions (using roles).
Permission
Permission is an action on a resource. The portal provides a full security model incorporated into fine-grained permissions and role-based access control. It will give administrators full control over access and privileges to portlets, layouts, and groups within the portal. This means that there are two main features on permissions. First of all, permissions are fine-grained in the portal. For example, for a given page, permissions could be Add Discussion, Delete Discussion, Update, Update Discussion, Permissions ...
Get Liferay Portal 6.2 Enterprise Intranets now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.