Security Component SPIs
The core framework defines two SPIs that define the security architecture:
By "authentication" we mean logging into the application using some credentials, typically a username and password. Authentication also means looking up the set of roles to which a user belongs.
And by "authorization" we mean permissions: granting roles to have access to features (domain object members) of the app, and granting users to those roles.