move client-authorization a level up

docs/modules/secure-cluster/partials/nav.adoc

@@ -6,7 +6,7 @@
 *** xref:security:tls-configuration.adoc[]
 ** xref:secure-cluster:security-defaults.adoc[]
 ** xref:security:enabling-security.adoc[]
-** Authentication and Authorization
+** Authentication
 *** xref:security:authentication-overview.adoc[]
 *** xref:security:simple-authentication.adoc[]
 *** xref:security:ldap-authentication.adoc[]
@@ -15,7 +15,7 @@
 *** xref:security:identity-configuration.adoc[]
 *** xref:security:jaas-authentication.adoc[]
 *** xref:security:default-authentication.adoc[]
-*** xref:security:client-authorization.adoc[]
+** xref:security:client-authorization.adoc[]
 ** Advanced Security Features
 *** xref:security:logging-auditable-events.adoc[]
 *** xref:security:validating-secrets.adoc[]

docs/modules/security/pages/client-authorization.adoc

@@ -1,8 +1,9 @@
 = Client Authorization
-:description: To protect your members from a malicious client, you can allow them to identify clients and restrict their permissions to access either data in data structures or features such as user code deployment.
 :page-enterprise: true
 
-{description}
+To protect your members from a malicious client, you can allow them to identify clients and restrict their permissions to access either data in data structures or features such as user code deployment.
+
+The xref:security:authentication-overview.adoc[] describes how authentication can be used for verifying credentials, and roles mapping. This section describes how the assigned role names can be used to map permissions to clients.
 
 Hazelcast client authorization is configured by a client permission
 policy. Hazelcast has a default permission policy implementation that uses