Security Component SPIs
The core framework defines two SPIs that define the security architecture:
the Authenticator SPI allows for different authentication implementations to be used
the Authorizor SPI allows for different authorization mechanisms to be used
By "authentication" we mean logging into the application using some credentials, typically a username and password. Authentication also means looking up the set of roles to which a user belongs.
And by "authorization" we mean permissions: granting roles to have access to features (domain object members) of the app, and granting users to those roles.