Chapter 5. Authentication and Authorization
Authentication is the process of verifying that users are who they claim to be. Authorization is the process of granting access to authenticated users—based on their role—to perform operations such as view, edit, or delete for resources. In this chapter, you will learn how MODx facilitates authentication and authorization. You will build your site to include user registrations, logins, and user types, and will also set rules on who can do what.
As you read this chapter, it is important that you keep in mind that MODx has two user types:
Web Users—users who use the website
Manager Users—users who are allowed to log in to the Manager interface
It is vital to keep this distinction in mind in order to be able to understand the complexities explained in this chapter.
You will also learn in this chapter how MODx allows the grouping of resources, users, and permissions.