This chapter provides an overview of configuration options for security administration. At a high level, application security ensures that only valid users can access the application: it defines specifically what a user can view and change in the application. Security administration is divided into two main categories: authentication and authorization. Authentication ensures that only valid users can access the application by requiring that all users provide a valid user name and password. Whereas authentication secures the application at login time, authorization secures the application once a valid user has successfully logged in. Authorization defines a user's ability to perform actions and to access information.
For more information on users, security roles, security groups, and the development implementation of security in the application, consult the Cúram Server Developers Guide.