Security

1. Authentication

                           Authentication is the act of verifying who a user is, and is the basis of the lo-
gin process. Typically, authentication uses the combination of an identifier–a
username or email address–and a password. The user submits these values
through a form, and the application then compares the submitted informa-
tion against that previously stored (e.g., upon registration).

2. Authorization

                         Authorization is the process of verifying that a user has enough permission

to do something. 

Yii provides two authorization methods: 

               Access Control Filter (ACF) and 

               Role-Based Access Control (RBAC).