this post was submitted on 25 Jun 2023
351 points (99.2% liked)

Programmer Humor

20215 readers
1850 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
351
Auth (lemmy.mywire.xyz)
submitted 2 years ago by [email protected] to c/[email protected]
24 comments fedilink hide all child comments
 
top 21 comments
sorted by: hot top controversial new old
[–] [email protected] 18 points 2 years ago (1 children)

It’s really not that hard. Authentication is about proving the identity of the subject e.g. logging in using information only known / in possession by the subject (password, mfa etc). Authorization is about establishing what permissions that identity has in a given context. E.g. is this identity allowed to create/read/update/delete these resources. Authorization is typically done through roles (RBAC) or more granulary through attributes (ABAC).

[–] [email protected] 12 points 2 years ago (1 children)

Now how does this compare to AuthN and AuthZ...

Holy crap after writing that AuthN must be authentication and AuthZ must be authorization.

I'm a genius.

[–] [email protected] 3 points 2 years ago

Indeed you are ;)

[–] [email protected] 13 points 2 years ago

Just call it a11n or a12n and nobody will know if they can't count or if you can't count

[–] [email protected] 11 points 2 years ago (1 children)

And even with 'AuthN' vs 'AuthZ' it always takes me a minute to spell them out and work out which is which

[–] [email protected] 5 points 2 years ago (2 children)

What's this authN / authZ business?

[–] [email protected] 9 points 2 years ago* (last edited 2 years ago) (2 children)

AutheNtication vs. AuthoriZation, I believe

[–] [email protected] 3 points 2 years ago (3 children)

How's that supposed to help?

[–] [email protected] 16 points 2 years ago* (last edited 2 years ago) (2 children)

AuthN is: I claim to be dreadgoat, but how can I prove it? (login, password, mfa)
AuthZ is: Now that you know I am dreadgoat, do I have permission to post this comment? (access control, roles, attributes)

[–] [email protected] 3 points 2 years ago (1 children)

I know what they are and the differences, I thought the N and Z would somehow be an easy way to work it out/remember. But the trick is just to remember which is which.

[–] [email protected] 1 points 2 years ago

N comes before Z in the alphabet, and you must always AuthN before you can AuthZ. Easy mnemonic.

[–] [email protected] 1 points 2 years ago

This is a great explanation, thank you.

I deal mainly with authorization and I'm not sure I've ever had the differences explained this simply (so I incorrectly lump them together)

[–] [email protected] 1 points 2 years ago

It doesn’t

[–] [email protected] 2 points 2 years ago* (last edited 2 years ago) (1 children)

AutheNtication

[–] [email protected] 1 points 2 years ago

Ahh, that would make more sense, thank you - corrected

[–] [email protected] 6 points 2 years ago

That's the thing, nobody really knows!

[–] [email protected] 6 points 2 years ago* (last edited 2 years ago)

Who doesn't like compounding two words with different meaning by definition, but for some inexpiable reason have the same meaning in the programming world, by shortening them?

Now the poor, average programmer has to deal with strange words. One such example is "permission," which is normally used within a casual context, rather then within a more serious context, like a program handling secure data. The poor programmer can now no longer take his job seriously, and is now forever in an existential crisis, due to the lack of formality. ;)

[–] [email protected] 5 points 2 years ago

I made a class one time called Auther that did both. Got some chuckles in the code review so I was pretty happy with that

[–] [email protected] 3 points 2 years ago

Access Control

load more comments
view more: next ›