Authentication: To validate the login user( login name & password)
Authorization: Depending on the login user the part of the application for which he/she is authorized to work with should only open.
for ex. In a application two categories 1.Admin 2.General user are present both hv login name & password.
admin can see Masters,creat user whereas General user can't.
when a user login as Admin the application open with Master & User creating form.
but when User login other than Admin the these two part will be Excluded from the Application.